Skip to main content
CVE-2026-5630 LOW POC Monitor

Stored cross-site scripting (XSS) in assafelovic gpt-researcher versions up to 3.4.3 allows unauthenticated remote attackers to inject malicious scripts via the Report API in backend/server/app.py. The vulnerability requires user interaction (report viewing) to trigger payload execution and carries low integrity impact (CVSS 4.3). Publicly available exploit code exists, and the vendor has not addressed the issue despite early notification.

XSS Gpt Researcher
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5639 LOW POC Monitor

SQL injection in PHPGurukul Online Shopping Portal Project 2.1 allows authenticated remote attackers to manipulate the filename parameter in /admin/update-image3.php, leading to database query manipulation with limited confidentiality and integrity impact. The vulnerability carries a CVSS score of 5.3 (medium severity) and requires valid admin credentials to exploit; publicly available exploit code exists but the vulnerability is not confirmed as actively exploited in CISA KEV.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5636 LOW POC Monitor

SQL injection in PHPGurukul Online Shopping Portal Project 2.1 allows authenticated remote attackers to execute arbitrary SQL queries via the oid parameter in /cancelorder.php, potentially enabling unauthorized data access or modification. Publicly available exploit code exists for this vulnerability, which affects the parameter handler component and carries a CVSS score of 5.3 with confirmed exploitation feasibility.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5635 LOW POC Monitor

SQL injection in PHPGurukul Online Shopping Portal Project 2.1 allows authenticated remote attackers to execute arbitrary SQL commands via the cid parameter in /categorywise-products.php. Publicly available exploit code exists for this vulnerability, which affects the parameter handler component. The attack requires valid user credentials but carries low impact, affecting confidentiality, integrity, and availability of data at limited scope.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5683 LOW POC Monitor

Stack-based buffer overflow in Tenda CX12L firmware version 16.03.53.12 allows authenticated local network attackers to cause memory corruption via manipulation of the page parameter in the P2pListFilter function. The vulnerability requires local network access and authenticated privileges but carries publicly available exploit code, elevating practical risk despite the moderate CVSS score of 5.1.

Tenda Buffer Overflow Stack Overflow
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-5691 MEDIUM This Month

Remote command injection in Totolink A7100RU 7.4cu.2313_b20191024 allows unauthenticated attackers to execute arbitrary OS commands via the firewallType parameter in the setFirewallType function of /cgi-bin/cstecgi.cgi. The vulnerability has a CVSS score of 6.9 with low confidentiality, integrity, and availability impact. Public exploit code exists and the vulnerability is potentially actively exploited.

Command Injection
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
2.4%
CVE-2026-5690 MEDIUM This Month

Remote command injection in Totolink A7100RU firmware version 7.4cu.2313_b20191024 allows unauthenticated attackers to execute arbitrary OS commands by manipulating the enable parameter in the setRemoteCfg function of /cgi-bin/cstecgi.cgi. The vulnerability has a publicly available exploit and a CVSS 6.9 score reflecting remote network accessibility with low attack complexity. Real-world risk is elevated due to the presence of published exploit code and the direct path to command execution in a widely deployed home router model.

Command Injection
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
2.4%
CVE-2026-5689 MEDIUM This Month

Remote code execution via OS command injection in Totolink A7100RU 7.4cu.2313_b20191024 allows unauthenticated network attackers to execute arbitrary commands through the tz parameter in the setNtpCfg function of /cgi-bin/cstecgi.cgi. Publicly available exploit code exists, and the vulnerability carries a CVSS 6.9 score indicating moderate severity with low impact across confidentiality, integrity, and availability.

Command Injection
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
2.4%
CVE-2026-5621 LOW POC Monitor

Local command injection in ChrisChinchilla Vale-MCP up to version 0.1.0 allows authenticated local attackers to execute arbitrary OS commands via manipulation of the config_path argument in the HTTP Interface component (src/index.ts). The vulnerability requires local access and valid user privileges, with publicly available exploit code disclosed after vendor non-response, representing a moderate-risk issue in environments where the MCP tool is deployed with local user access.

Command Injection Vale Mcp
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.3%
CVE-2026-5619 LOW POC Monitor

OS command injection in Braffolk mcp-summarization-functions through version 0.1.5 allows local attackers with user-level privileges to execute arbitrary system commands by manipulating the command argument in the summarize_command function. The vulnerability affects the src/server/mcp-server.ts component and requires local access; publicly available exploit code exists, and the vendor has not responded to disclosure attempts.

Command Injection Mcp Summarization Functions
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.3%
CVE-2026-35201 MEDIUM PATCH GHSA This Month

Out-of-bounds read in RDiscount's Markdown parser allows denial-of-service when processing attacker-controlled inputs exceeding 2GB. The vulnerability occurs because unsigned Ruby string lengths are truncated to signed integers before passing to the native parser, causing the parser to read past buffer boundaries and crash. Affected are RDiscount.new(input).to_html and RDiscount.new(input).toc_content methods. No public exploitation beyond proof-of-concept exists; patch version 2.2.7.4 is available.

Buffer Overflow Information Disclosure Suse
NVD GitHub
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-34380 MEDIUM PATCH This Month

Signed integer overflow in OpenEXR's undo_pxr24_impl() function allows unauthenticated remote attackers to bypass buffer bounds checks and trigger heap buffer overflow during EXR file decoding, potentially causing denial of service or limited data corruption when processing maliciously crafted EXR files. The vulnerability affects OpenEXR versions 3.2.0 through 3.2.6, 3.3.0 through 3.3.8, and 3.4.0 through 3.4.8. No public exploit code or active exploitation has been confirmed at the time of analysis.

Buffer Overflow Integer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-5668 LOW POC Monitor

Cross-site scripting (XSS) in Cyber-III Student-Management-System allows high-privileged authenticated attackers to inject malicious scripts via the $_SERVER['PHP_SELF'] parameter in the /admin/Add%20notice/add%20notice.php endpoint. The vulnerability requires user interaction (UI:P) to trigger and is confirmed by publicly available exploit code, though real-world risk is mitigated by high privilege requirements (PR:H) and limited technical impact (integrity only). The product uses rolling releases with no versioning, and the vendor has not responded to early disclosure.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-5644 LOW POC Monitor

Stored cross-site scripting (XSS) in Cyber-III Student-Management-System via manipulation of the $_SERVER['PHP_SELF'] variable in the batch-notice.php admin file allows authenticated attackers with high privileges to inject malicious scripts. The vulnerability affects all versions up to commit 1a938fa61e9f735078e9b291d2e6215b4942af3f, exploitable remotely with user interaction, and publicly available exploit code exists. CVSS score of 4.8 reflects moderate risk constrained by authentication and interaction requirements, though the integrity impact and active public disclosure elevate operational concern.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-5643 LOW POC Monitor

Reflected cross-site scripting in Cyber-III Student-Management-System up to commit 1a938fa61e9f735078e9b291d2e6215b4942af3f allows high-privilege authenticated attackers to inject malicious scripts via the $_SERVER['PHP_SELF'] parameter in the admin notice endpoint (/admin/Add%20notice/notice.php). Publicly available exploit code exists, and the vulnerability requires user interaction (UI) to trigger, limiting practical impact despite remote accessibility.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-34981 MEDIUM PATCH This Month

Server-side request forgery (SSRF) in whisperX-FastAPI versions 0.3.1 through 0.5.0 allows unauthenticated remote attackers to make arbitrary HTTP requests to internal URLs by exploiting inadequate URL validation in the FileService.download_from_url() function. An attacker can bypass the post-request file extension check by appending .mp3 to any URL supplied to the /speech-to-text-url endpoint, enabling reconnaissance of internal services and potential information disclosure. The vulnerability carries moderate severity (CVSS 5.8) with confirmed patch availability in version 0.6.0.

SSRF Whisperx Fastapi
NVD GitHub VulDB
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-5673 MEDIUM PATCH This Month

Heap-based out-of-bounds read in libtheora's AVI parser allows local attackers with limited privileges to trigger application crashes or leak heap memory via specially crafted AVI files with truncated header sub-chunks. The vulnerability affects Red Hat Enterprise Linux versions 6 through 10 and requires user interaction (opening a malicious file), with real-world impact limited to denial-of-service and potential information disclosure rather than code execution.

Information Disclosure Buffer Overflow Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 +2
NVD GitHub VulDB
CVSS 3.1
5.6
EPSS
0.0%
CVE-2026-5672 MEDIUM This Month

SQL injection in code-projects Simple IT Discussion Forum 1.0 via the cat_id parameter in /edit-category.php allows unauthenticated remote attackers to execute arbitrary SQL queries, potentially leading to data exfiltration, modification, or deletion. The vulnerability has a publicly disclosed exploit and moderate CVSS score (6.9) with confirmed exploitation capability signals.

SQLi PHP
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-5669 MEDIUM This Month

SQL injection in Cyber-III Student-Management-System login parameter handler allows unauthenticated remote attackers to execute arbitrary SQL queries via the Password parameter in /login.php, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has been publicly disclosed with exploit code available, and the affected project uses rolling releases without fixed version tagging, complicating patch status determination. CVSS 6.9 reflects moderate severity with low confidentiality, integrity, and availability impact across multiple scopes.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-5648 MEDIUM This Month

SQL injection in code-projects Simple Laundry System 1.0 allows unauthenticated remote attackers to execute arbitrary SQL queries via the firstName parameter in /userfinishregister.php, enabling data exfiltration and manipulation. The vulnerability has publicly available exploit code and a published CVSS 6.9 score reflecting moderate confidentiality and integrity impact.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-48651 MEDIUM This Month

Information disclosure in Google Android allows local authenticated users to read sensitive data from system memory via local file access, achieving high confidentiality impact with low attack complexity. The vulnerability affects Android System-on-Chip (SoC) implementations across multiple versions. EPSS score of 0.01% indicates minimal real-world exploitation probability despite the moderate CVSS 5.5 rating, suggesting this is a low-priority issue in practice.

Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-31410 MEDIUM PATCH This Month

Denial-of-service in the Linux kernel's ksmbd SMB server component stems from improper handling of volume identifiers in FS_OBJECT_ID_INFORMATION responses. Affected kernels fail to correctly use the superblock UUID (sb->s_uuid) as the volume identifier, and lack a safe fallback (via vfs_statfs()) for filesystems that do not expose a UUID - creating conditions for a kernel availability impact when a local low-privileged user interacts with an affected SMB share. EPSS is 0.01% (1st percentile) and no active exploitation is confirmed in CISA KEV; no public exploit code has been identified at time of analysis.

Information Disclosure Linux Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-33406 MEDIUM PATCH This Month

Stored cross-site scripting (XSS) via HTML attribute injection in Pi-hole Admin Interface versions 6.0 through 6.4 allows unauthenticated remote attackers to perform UI redressing and information disclosure by injecting double quotes into configuration values displayed in settings-advanced.js, exploitable through malicious teleporter backup imports that bypass server-side field validation.

XSS Web Interface
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-35046 MEDIUM PATCH This Month

Tandoor Recipes prior to version 2.6.4 allows authenticated users to inject malicious CSS via <style> tags in recipe step instructions due to improper sanitization by the bleach.clean() library, which whitelists <style> tags by default. Client applications rendering the instructions_markdown field from the API without additional sanitization will execute attacker-controlled CSS, enabling UI redressing, phishing overlays, visual defacement, and CSS-based data exfiltration attacks. The vulnerability requires authentication and user interaction to exploit, limiting its scope, but affects any downstream application consuming the API.

XSS Recipes
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-31153 MEDIUM This Month

Stored cross-site scripting (XSS) in Bynder v0.1.394 allows authenticated attackers to inject and execute arbitrary web scripts or HTML through a crafted payload, affecting users who interact with malicious content. The vulnerability requires user interaction (UI:R) and authenticated access (PR:L), limiting immediate mass exploitation but posing a risk to collaborative environments where users trust stored content. No public exploit has been confirmed as actively exploited per CISA records, and EPSS/KEV status indicates lower real-world exploitation probability despite the stored XSS vector.

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-31353 MEDIUM GHSA This Month

Stored cross-site scripting (XSS) in Feehi CMS v2.1.1 Category module allows authenticated attackers to inject arbitrary web scripts via the Name parameter, affecting users who subsequently view the malicious content. The vulnerability requires user interaction (rendering in a browser) and authenticated access to inject the payload, but once stored, it executes in the context of any user viewing the affected category. EPSS exploitation probability is extremely low at 0.02% (5th percentile), indicating minimal real-world attack likelihood despite moderate CVSS score.

XSS Feehi Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-31350 MEDIUM GHSA This Month

Authenticated stored XSS in Feehi CMS v2.1.1 allows authenticated users to inject arbitrary web scripts or HTML via the Page Sign parameter, enabling session hijacking, credential theft, or malware distribution to other users viewing affected pages. EPSS exploitation probability is minimal at 0.02%, and no public exploit code or active exploitation has been confirmed, indicating low real-world attack urgency despite the CVSS medium score.

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-31313 MEDIUM GHSA This Month

Stored cross-site scripting (XSS) in Feehi CMS v2.1.1 allows authenticated attackers to inject malicious scripts into the Content field during page/post creation or editing, which execute in the browsers of other users viewing the affected content. The vulnerability requires user interaction (UI:R) and authenticated access (PR:L), limiting its severity to CVSS 5.4 (medium). No public exploit code or active exploitation has been identified; EPSS score of 0.02% indicates extremely low real-world exploitation probability despite public disclosure.

XSS N A
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-31352 MEDIUM GHSA This Month

Stored XSS in Feehi CMS v2.1.1 Role Management module allows authenticated users to execute arbitrary scripts via malicious Role Name input, affecting all users viewing the affected role. The vulnerability requires prior authentication and user interaction (UI:R), limiting its scope to authenticated attackers within the application; EPSS score of 0.02% indicates minimal real-world exploitation probability despite public visibility.

XSS
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-31354 MEDIUM GHSA This Month

Stored cross-site scripting (XSS) in Feehi CMS v2.1.1 Permissions module allows authenticated users to inject malicious scripts via Group, Category, or Description parameters, potentially enabling session hijacking or malware distribution to other authenticated users. Attack requires valid credentials and user interaction (UI:R per CVSS), limiting immediate risk despite network accessibility. No public exploit code or active exploitation has been confirmed; EPSS probability is minimal at 0.01% (3rd percentile).

XSS Feehi Cms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-35208 MEDIUM PATCH This Month

Stored HTML injection in lichess.org allows approved streamers to inject arbitrary markup into the /streamer page and homepage 'Live streams' widget via their Twitch or YouTube stream title, enabling defacement and phishing attacks. The vulnerability requires an attacker to first obtain an approved streamer account (accounts older than 2 days with 15+ games, or verified accounts) and then moderate approval, but no additional privileges or authentication beyond that approval is needed. Content Security Policy blocks inline script execution, limiting the immediate scope to HTML/CSS-based attacks rather than arbitrary JavaScript execution. A upstream fix is available via commit 0d5002696ae705e1888bf77de107c73de57bb1b3, and no public exploit code or active exploitation has been reported.

XSS Lila
NVD GitHub
CVSS 4.0
5.3
EPSS
0.1%
CVE-2026-35390 MEDIUM PATCH This Month

Bulwark Webmail versions prior to 1.4.11 fail to enforce Content-Security-Policy headers, allowing unauthenticated attackers to execute arbitrary JavaScript through crafted email HTML. The reverse proxy incorrectly uses Content-Security-Policy-Report-Only instead of the enforcing Content-Security-Policy header, enabling XSS attacks that can steal session tokens or perform unauthorized actions on behalf of users. This vulnerability requires user interaction (opening a malicious email) and affects only the client-side context with limited scope, reflected in the CVSS 5.3 score; no public exploit code or active exploitation has been reported.

XSS Webmail
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-5606 MEDIUM This Month

SQL injection in PHPGurukul Online Shopping Portal Project 2.1 allows authenticated remote attackers to execute arbitrary SQL queries via the orderid parameter in /order-details.php, enabling data exfiltration and database manipulation. CVSS 6.3 reflects authenticated access requirement and limited scope; no public exploit code or active KEV status confirmed at time of analysis.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-37977 MEDIUM PATCH This Month

CORS header injection in Keycloak's User-Managed Access token endpoint allows remote attackers to reflect attacker-controlled origin values before JWT signature validation, potentially exposing low-sensitivity authorization error responses when clients are misconfigured with wildcard origin permissions. The vulnerability requires high attack complexity and affects only clients explicitly configured with webOrigins set to "*", resulting in a low-severity information disclosure with limited real-world exploitability.

Code Injection Red Hat Build Of Keycloak
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-22675 MEDIUM PATCH This Month

Stored cross-site scripting in OCS Inventory NG Server 2.12.3 and prior allows unauthenticated attackers to inject malicious JavaScript via User-Agent HTTP headers to the /ocsinventory endpoint, which is then stored and executed in the browsers of authenticated users viewing the statistics dashboard. The vulnerability requires user interaction (dashboard access) but affects all instances accepting agent registrations without input validation, creating a persistent attack surface for multi-user deployments.

XSS Ocs Inventory Ng Server
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2026-34951 MEDIUM PATCH This Month

Reflected cross-site scripting (XSS) in Salesforce Workbench prior to version 65.0.0 allows unauthenticated remote attackers to inject arbitrary JavaScript via the footerScripts parameter on error pages, requiring user interaction to execute malicious payload. The vulnerability stems from improper input sanitization during web page generation. Vendor-released patch: version 65.0.0. No public exploit code or active exploitation confirmed at time of analysis.

XSS Workbench
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-35475 MEDIUM PATCH This Month

Open redirect vulnerability in WeGIA web manager prior to version 3.6.9 allows unauthenticated remote attackers to redirect users to arbitrary external URLs by injecting a malicious redirect parameter into HTTP requests. The vulnerability exploits missing URL validation on the redirect parameter, which is passed directly to PHP's header() function without sanitization or whitelist checks. User interaction is required as the victim must click a crafted link, but successful exploitation can facilitate phishing attacks or credential theft by redirecting users to attacker-controlled domains that masquerade as legitimate institutional websites.

Open Redirect
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-35472 MEDIUM PATCH This Month

Open Redirect vulnerability in WeGIA versions prior to 3.6.9 allows unauthenticated remote attackers to redirect users to arbitrary external websites via the unvalidated nextPage parameter in the /WeGIA/controle/control.php endpoint when combined with specific parameters (metodo=listarTodos and nomeClasse=EstoqueControle). Attackers can exploit the application's trusted domain to conduct phishing attacks, steal credentials, distribute malware, or execute social engineering campaigns. The vulnerability has been patched in version 3.6.9.

Open Redirect PHP
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-35398 MEDIUM PATCH This Month

Open redirect vulnerability in WeGIA versions prior to 3.6.9 allows unauthenticated remote attackers to redirect users to arbitrary external websites via the nextPage parameter in the /WeGIA/controle/control.php endpoint. By combining this with specific query parameters (metodo=listarTodos, listarId_Nome, nomeClasse=OrigemControle), attackers can leverage the trusted WeGIA domain for phishing, credential harvesting, malware distribution, and social engineering attacks. The vulnerability is fixed in version 3.6.9.

Open Redirect PHP
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-35396 MEDIUM PATCH This Month

Open redirect in WeGIA web management application versions prior to 3.6.9 allows unauthenticated remote attackers to redirect users to arbitrary external websites via an unvalidated nextPage parameter in the /WeGIA/controle/control.php endpoint. By crafting a malicious URL combining metodo=listarId and nomeClasse=IsaidaControle parameters, attackers can leverage the application's trusted domain for phishing, credential harvesting, malware distribution, and social engineering attacks. The vulnerability is fixed in version 3.6.9.

Open Redirect PHP
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-35474 MEDIUM PATCH This Month

Open redirect vulnerability in WeGIA web application versions prior to 3.6.9 allows unauthenticated remote attackers to redirect users to arbitrary external URLs via an unvalidated redirect parameter in GET requests. The vulnerability requires user interaction (clicking a malicious link) and has limited confidentiality and integrity impact. This is fixed in version 3.6.9.

Open Redirect
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-35473 MEDIUM PATCH This Month

Open redirect vulnerability in WeGIA web manager versions prior to 3.6.9 allows unauthenticated remote attackers to redirect users to arbitrary external websites via the unvalidated nextPage parameter in the /WeGIA/controle/control.php endpoint. The vulnerability requires user interaction (clicking a malicious link) but leverages the trusted WeGIA domain to facilitate phishing, credential theft, and malware distribution attacks. This issue is fixed in version 3.6.9.

Open Redirect PHP
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-34972 MEDIUM PATCH GHSA This Month

BatchCheck API calls in OpenFGA 1.8.0 through 1.13.1 can bypass authorization policies when multiple permission checks target the same object, relation, and user combination, allowing authenticated attackers with limited privileges to gain unauthorized access to protected resources. The vulnerability stems from improper handling of duplicate check parameters in batch operations and is fixed in version 1.14.0.

Google Authentication Bypass
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-5704 MEDIUM PATCH This Month

Tar archive extraction allows hidden file injection by local authenticated users through crafted malicious archives, bypassing pre-extraction inspection mechanisms and enabling introduction of attacker-controlled files. The vulnerability affects Red Hat Enterprise Linux versions 6 through 10, requires local access and user interaction (extraction action), and presents a moderate integrity risk (CVSS 5.0) with no confirmed active exploitation or public proof-of-concept at time of analysis.

File Upload Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 +1
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-31351 MEDIUM GHSA This Month

Stored XSS in Feehi CMS v2.1.1 creation/editing module allows authenticated high-privilege users to execute arbitrary scripts via malicious Title parameter injection, affecting all users who view the affected content. The vulnerability requires high-privilege authentication and user interaction (UI:R), limiting real-world exploitability to insider threats or compromised administrative accounts; CVSS 4.8 reflects low impact (CIA:L) and confined scope.

XSS
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-35404 MEDIUM PATCH This Month

Open edX Platform versions prior to commit 76462f1e5fa9b37d2621ad7ad19514b403908970 suffer from an open redirect vulnerability in the view_survey endpoint that accepts unvalidated redirect_url parameters, enabling attackers to redirect authenticated users to arbitrary attacker-controlled URLs for phishing and credential theft. The vulnerability requires user interaction (clicking a malicious link) to trigger the redirect but affects all versions of the platform until the specific commit is applied; no public exploit code has been identified at the time of analysis.

Open Redirect
NVD GitHub
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-30613 MEDIUM This Month

AZIOT 1 Node Smart Switch (16amp) WiFi/Bluetooth Enabled firmware version 1.1.9 allows information disclosure through unauthenticated UART debug interface access. An attacker with physical access to the device can connect to the serial console and extract sensitive information without any authentication barrier. This vulnerability has an EPSS score of 0.03% (9th percentile), indicating very low real-world exploitation probability despite the high confidentiality impact rating.

Information Disclosure
NVD GitHub
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-31066 MEDIUM This Month

Buffer overflow in UTT Aggressive HiPER 810G v3 v1.7.7-171114 formTaskEdit function allows authenticated administrators to cause denial of service through a malformed selDateType parameter. The vulnerability is a classic stack-based buffer overflow (CWE-120) requiring high-privilege local network access; no public exploitation framework has been identified, and CVSS 4.5 reflects the limited scope (DoS only, no code execution or information disclosure).

Denial Of Service Buffer Overflow 810g Firmware
NVD GitHub
CVSS 3.1
4.5
EPSS
0.0%
CVE-2026-31065 MEDIUM This Month

Buffer overflow in UTT Aggressive 520W v3 firmware version 1.7.7-180627 allows authenticated high-privilege attackers to cause denial of service by supplying crafted input to the addCommand parameter of the formConfigCliForEngineerOnly function. The vulnerability requires administrative-level access and local network connectivity, limiting real-world attack surface despite the buffer overflow class of vulnerability.

Denial Of Service Buffer Overflow 520w Firmware
NVD GitHub
CVSS 3.1
4.5
EPSS
0.0%
CVE-2026-31063 MEDIUM This Month

Buffer overflow in UTT Aggressive HiPER 1200GW v2.5.3-170306 formArpBindConfig function allows authenticated attackers with high privileges to cause denial of service by supplying a crafted input to the pools parameter. CVSS score of 4.5 reflects limited attack surface (local network access required) and high privilege requirement, though impact is complete availability loss. No public exploit code or active exploitation confirmed at time of analysis.

Denial Of Service Buffer Overflow 1200Gw Firmware
NVD GitHub
CVSS 3.1
4.5
EPSS
0.0%
Prev Page 4 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy