Skip to main content
CVE-2026-33033 MEDIUM POC PATCH GHSA This Month

Django's MultiPartParser allows authenticated remote attackers to cause denial of service through performance degradation by submitting multipart uploads with Content-Transfer-Encoding: base64 and excessive whitespace. Affected versions include Django 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30, with unsupported series 5.0.x, 4.1.x, and 3.2.x potentially also vulnerable. The vulnerability has a CVSS 6.5 score reflecting high availability impact but requires authentication (PR:L) and is not actively exploited or publicly weaponized at analysis time.

Python Information Disclosure Red Hat Suse
NVD GitHub VulDB HeroDevs
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-4079 MEDIUM POC PATCH This Month

SQL injection in SQL Chart Builder WordPress plugin before version 2.3.8 allows remote attackers to execute arbitrary SQL queries through the dynamic filter functionality due to improper input escaping. The vulnerability affects all versions before 2.3.8, requires no authentication or user interaction, and carries a moderate CVSS score of 6.5 with low real-world exploitation probability (EPSS 0.02%). Publicly available exploit code exists, though the low EPSS percentile suggests limited active exploitation relative to the attack surface.

WordPress SQLi
NVD WPScan
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1900 MEDIUM POC PATCH This Month

Unauthenticated attackers can modify plugin settings via a publicly accessible REST endpoint in Link Whisper Free WordPress plugin before version 0.9.1, enabling information disclosure and unauthorized configuration changes. The vulnerability has publicly available exploit code and affects all versions prior to 0.9.1. Although the CVSS score is 6.5 (medium), the EPSS score of 0.02% indicates very low real-world exploitation probability despite public POC availability.

WordPress Authentication Bypass
NVD WPScan
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-5741 MEDIUM POC This Month

Remote code execution via OS command injection in suvarchal docker-mcp-server through 0.1.0 allows unauthenticated attackers to execute arbitrary commands by manipulating the stop_container, remove_container, or pull_image HTTP interface functions. Publicly available exploit code exists, and while the vendor was notified early through GitHub issue #3, no patch has been released as of the analysis date.

Docker Command Injection
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
1.0%
CVE-2025-15611 MEDIUM POC PATCH This Month

Cross-Site Request Forgery in Popup Box WordPress plugin before 5.5.0 allows authenticated admins to be tricked into creating or modifying popups containing arbitrary JavaScript via missing nonce validation in the add_or_edit_popupbox() function. While the CVSS score of 5.4 reflects moderate severity, the EPSS score of 0.02% (6th percentile) indicates very low real-world exploitation probability despite publicly available proof-of-concept code, suggesting this vulnerability requires precise social engineering to be actionable in practice.

WordPress CSRF SSRF
NVD WPScan
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-35584 MEDIUM PATCH This Month

{conversation_id}/{thread_id} endpoint. The endpoint fails to verify both authentication and thread-conversation association, enabling complete enumeration of help desk conversations and metadata manipulation without credentials. This affects all FreeScout installations below version 1.8.212.

Authentication Bypass Freescout
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-22680 MEDIUM PATCH GHSA This Month

OpenViking versions prior to 0.3.3 expose a missing authorization vulnerability in task polling endpoints that allows unauthenticated remote attackers to enumerate and retrieve background task metadata created by other users, exposing task types, status, resource identifiers, archive URIs, result payloads, and error information. This vulnerability enables information disclosure with a CVSS score of 6.9 and carries particular risk in multi-tenant deployments where cross-tenant data leakage could occur. No public exploit code has been identified at the time of analysis, though the vulnerability requires only network access and no special attack complexity.

Authentication Bypass Openviking
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-39936 MEDIUM This Month

Stored cross-site scripting (XSS) vulnerability in Mediawiki Score Extension allows unauthenticated remote attackers to inject malicious scripts that execute in the context of wiki pages, potentially compromising user sessions and enabling defacement or data theft. The vulnerability exists due to improper input neutralization during web page generation (CWE-79). Affected versions include 1.45.2, 1.43.7, and 1.44.4, with patches available from Wikimedia Foundation.

XSS Mediawiki Score Extension
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-39935 MEDIUM This Month

Improper input neutralization in Mediawiki CampaignEvents Extension versions 1.43.7, 1.44.4, and 1.45.2 allows unauthenticated remote attackers to inject and execute arbitrary JavaScript in user browsers via cross-site scripting (XSS). The vulnerability affects web page generation with a CVSS 4.0 base score of 6.9, indicating low confidentiality, integrity, and availability impact across both changed and unchanged security scopes.

XSS Mediawiki Campaignevents Extension
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-39933 MEDIUM This Month

Cross-site scripting (XSS) in Wikimedia Foundation's MediaWiki GlobalWatchlist Extension enables unauthenticated remote attackers to execute arbitrary JavaScript in victim browsers with critical impact across confidentiality, integrity, and availability (CVSS 10.0). This vulnerability affects only non-release development branches, not production deployments. No public exploit identified at time of analysis, though the publicly accessible Phabricator task and Gerrit code review may facilitate proof-of-concept development.

XSS Mediawiki Globalwatchlist Extension
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-39838 MEDIUM This Month

Improper input neutralization in the Wikimedia MediaWiki ProofreadPage Extension allows cross-site scripting (XSS) attacks targeting non-script elements via unauthenticated remote requests. The vulnerability has a CVSS 4.0 base score of 6.9 with network-accessible attack vector and low integrity and confidentiality impact. No public exploit code or active exploitation (KEV status) is documented at time of analysis, though the low attack complexity and absence of privilege requirements make this a practical threat to deployed MediaWiki instances using this extension.

XSS Mediawiki Proofreadpage Extension
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-22711 MEDIUM This Month

Cross-site scripting (XSS) in the Mediawiki Wikilove Extension via improper neutralization of alternate XSS syntax allows unauthenticated remote attackers to inject malicious scripts with low complexity attack surface. The vulnerability affects Mediawiki Wikilove Extension versions 1.43.7, 1.44.4, and 1.45.2, enabling stored or reflected XSS attacks that can compromise user sessions, steal credentials, or deface wiki content. No public exploit code or active exploitation has been identified at time of analysis, but the attack requires no user interaction or privileges, making it a moderate-risk priority for affected wiki administrators.

XSS
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-5739 MEDIUM GHSA This Month

Remote code injection in PowerJob 5.1.0, 5.1.1, and 5.1.2 allows unauthenticated attackers to execute arbitrary code via the GroovyEvaluator.evaluate function in the OpenAPI endpoint /openApi/addWorkflowNode by manipulating the nodeParams argument. The vulnerability exploits unsafe Groovy code evaluation without input sanitization, enabling full remote code execution with a low CVSS complexity score (6.9/10). No public exploit code is confirmed at time of analysis, and the vendor has not yet responded to the early disclosure notification.

Code Injection RCE Powerjob
NVD VulDB GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-39934 MEDIUM This Month

Infinite loop vulnerability in Wikimedia MediaWiki GrowthExperiments Extension (versions 1.45.2, 1.44.4, 1.43.7) allows unauthenticated remote attackers to trigger a denial of service condition by exploiting a Time-of-Check and Time-of-Use (TOCTOU) race condition that causes unreachable loop exit logic. The vulnerability has a CVSS score of 6.9 with low confidentiality, integrity, and availability impact across all scopes. No public exploit code or active exploitation has been confirmed at time of analysis.

Denial Of Service Mediawiki Growthexperiments Extension
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-20628 MEDIUM This Month

Remote attackers can spoof client-mode Remote Connector Servers in PingIDM to intercept and modify identity security properties including passwords and account recovery information, due to insufficient access control granularity that prevents administrators from properly restricting RCS communications. This vulnerability affects PingIDM deployments using Remote Connector Servers in client mode and requires specific RCS configuration to be exploitable; no public exploit code has been identified at the time of analysis.

Information Disclosure Pingidm
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-39351 MEDIUM PATCH This Month

Frappe web application framework prior to versions 16.14.0 and 15.104.0 allows unauthenticated remote attackers to bypass access controls and retrieve restricted Doctype data through API endpoints, resulting in information disclosure of sensitive application data. The vulnerability is tagged as an authentication bypass with a CVSS 6.9 score and exploits missing authorization checks on API methods.

Authentication Bypass Frappe
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-34080 MEDIUM PATCH This Month

Policy parser vulnerability in xdg-dbus-proxy prior to 0.1.7 allows authenticated local users to bypass eavesdrop restrictions and intercept D-Bus messages by exploiting improper whitespace handling in policy rule parsing. The proxy fails to normalize eavesdrop policy directives, permitting attackers to craft malformed policies (e.g., eavesdrop ='true' with spacing variations) that evade the eavesdrop=true access control checks. No public exploit code has been identified at time of analysis.

Authentication Bypass Xdg Dbus Proxy
NVD GitHub VulDB
CVSS 4.0
6.8
EPSS
0.0%
CVE-2026-4931 MEDIUM This Month

Marginal v1 smart contract implements an unsafe numeric downcast that enables attackers to settle large debt positions using negligible asset amounts, creating a critical financial manipulation vector in the DeFi protocol. The vulnerability affects Marginal Smart Contract v1 across all deployment instances accessible via the public blockchain network. An attacker can exploit this type confusion flaw to bypass intended collateral requirements and artificially close positions at drastically undervalued rates, causing financial loss to the protocol and legitimate liquidity providers.

Information Disclosure Marginal Smart Contract
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-35586 MEDIUM PATCH GHSA This Month

Privilege escalation in pyLoad prior to 0.5.0b3.dev97 allows authenticated users with SETTINGS permission to bypass admin-only protections and modify SSL certificate and key file paths due to incorrect option name mappings in the ADMIN_ONLY_CORE_OPTIONS authorization set. The vulnerability arises from name mismatches (ssl_cert/ssl_key vs. ssl_certfile/ssl_keyfile) and complete omission of the ssl_certchain option from authorization checks, enabling any SETTINGS-privileged user to overwrite critical SSL configuration-a capability intended exclusively for administrators. CVSS 6.8 reflects high confidentiality and integrity impact with authenticated access required and high attack complexity.

Python Authentication Bypass
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-20431 MEDIUM This Month

Remote denial of service in MediaTek modem chipsets allows unauthenticated attackers to crash the system via a logic error when connecting to a rogue base station. The vulnerability affects 19 MediaTek chipset models (MT8678, MT6899, MT6897, and others) with no authentication or user interaction required. EPSS score of 0.08% (24th percentile) and CISA SSVC framework rating of no confirmed exploitation and partial technical impact suggest this is a low real-world priority despite the moderate CVSS 6.5 score.

Denial Of Service Mediatek Chipset
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-39368 MEDIUM GHSA This Month

Stored SSRF in WWBN AVideo 26.0 and prior allows authenticated streamers with low-privilege streaming permissions to store arbitrary callback URLs in the live restream log feature, triggering server-side requests to internal or loopback HTTP services. The vulnerability affects all versions up to and including 26.0; exploitation requires valid streaming credentials but no user interaction. No public exploit code has been identified, though a proof-of-concept exists per CISA SSVC data.

SSRF Avideo
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-39374 MEDIUM PATCH This Month

Plane project management tool versions prior to 1.3.0 allow authenticated project members to modify issue dates across workspace and project boundaries via the IssueBulkUpdateDateEndpoint, which lacks proper authorization filtering. An attacker with ADMIN or MEMBER role in any project can arbitrarily change start_date and target_date fields on issues they have no legitimate access to, enabling data integrity violations across the entire Plane instance. EPSS score of 6.5 reflects moderate real-world risk for this privilege escalation, with no public exploit code or active exploitation confirmed at time of analysis.

Authentication Bypass Plane
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-39354 MEDIUM PATCH This Month

Scoold versions prior to 1.66.2 allow authenticated low-privilege users to overwrite arbitrary existing questions by submitting a POST request to /questions/ask with another user's question ID as the postId parameter. Since question IDs are publicly visible in URLs, attackers can identify target questions and replace their content with malicious text, corrupting discussion threads and destroying legitimate user-generated content. The vulnerability requires only basic user authentication and network access, making it trivially exploitable by any logged-in account.

Authentication Bypass Scoold
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-32588 MEDIUM PATCH GHSA This Month

Authenticated denial of service via CQL in Apache Cassandra 4.0 through 5.0 allows authenticated users to elevate query latencies by repeatedly changing passwords, disrupting service availability for legitimate users. The vulnerability affects Cassandra 4.0.0-4.0.19, 4.1.0-4.1.10, and 5.0.0-5.0.6. Vendor-released patches are available (4.0.20, 4.1.11, 5.0.7). With an EPSS score of 0.02% (5th percentile), real-world exploitation risk is minimal despite the moderate CVSS score of 6.5, reflecting the requirement for prior authentication and the low likelihood of widespread abuse.

Apache Denial Of Service Red Hat
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-39366 MEDIUM GHSA This Month

Replay attack in WWBN AVideo versions 26.0 and prior allows authenticated attackers to repeatedly submit legitimate PayPal IPN notifications to the v1 handler, inflating wallet balances and renewing subscriptions without additional payment. The vulnerability exploits missing transaction deduplication in plugin/PayPalYPT/ipn.php, while newer v2 handlers correctly implement deduplication. CVSS 6.5 reflects high integrity impact with network accessibility and low attack complexity, though exploitation requires valid subscription credentials.

Information Disclosure PHP
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-5372 MEDIUM PATCH This Month

SQL injection in runZero Platform versions 4.0.260123.0 through 4.0.260123.0 allows authenticated high-privileged users to execute arbitrary SQL commands via improperly sanitized saved query parameters, potentially leading to unauthorized data access, modification, or deletion. The vulnerability requires high privileges, user interaction, and non-standard attack complexity, resulting in a CVSS 6.4 medium severity rating. Vendor-released patch version 4.0.260123.1 addresses the issue.

SQLi Platform
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-35605 MEDIUM PATCH GHSA This Month

File Browser versions prior to 2.63.1 contain a path traversal vulnerability in the Matches() function that fails to enforce directory boundaries when evaluating access control rules. An attacker can bypass intended access restrictions by exploiting the use of strings.HasPrefix() without trailing directory separators, allowing a rule intended to restrict access to /uploads to inadvertently grant or deny access to similarly-named directories such as /uploads_backup/. This affects all File Browser versions before 2.63.1 and requires network access but no authentication or user interaction; no public exploit code or active exploitation has been confirmed at time of analysis.

Path Traversal Filebrowser
NVD GitHub
CVSS 4.0
6.3
EPSS
0.1%
CVE-2026-28810 MEDIUM PATCH This Month

Erlang/OTP kernel inet_res DNS resolver uses predictable sequential transaction IDs and lacks source port randomization, enabling DNS cache poisoning attacks against systems relying on this resolver in untrusted network environments. Affects OTP 17.0 through 28.4.2 (and specific patch versions 27.3.4.10, 26.2.5.19); unauthenticated remote attackers who can observe or predict DNS query patterns can forge DNS responses to redirect traffic or execute man-in-the-middle attacks. Vendor-released patches available; no public exploit code or active exploitation confirmed.

Information Disclosure Otp
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.1%
CVE-2026-39837 MEDIUM PATCH This Month

Stored cross-site scripting (XSS) in the Mediawiki Cargo Extension before version 3.8.7 allows authenticated users to inject malicious scripts via improper neutralization of HTML tags, enabling persistent client-side attacks against other users viewing affected content. The vulnerability requires user interaction (page view) but grants attackers the ability to modify page content and session information for victims, with CVSS 6.3 reflecting medium severity and EPSS exploitation probability not independently confirmed from available data.

XSS Mediawiki Cargo Extension
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-39841 MEDIUM PATCH This Month

Stored XSS vulnerability in Wikimedia Cargo Extension before 3.8.7 allows authenticated users with page editing permissions to inject malicious scripts via improper neutralization of HTML script tags, enabling attackers to execute arbitrary JavaScript in the context of other users' browsers when stored content is viewed. The vulnerability requires user interaction (page view) and authenticated access but carries high scope impact on integrity and confidentiality through script injection in a collaborative wiki environment.

XSS Mediawiki Cargo Extension
NVD VulDB
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-39839 MEDIUM PATCH This Month

Stored XSS in Wikimedia Cargo Extension before 3.8.7 allows authenticated users with page editing privileges to inject malicious scripts via improper HTML tag neutralization, affecting all installations of the extension using vulnerable versions. The vulnerability requires user interaction (page view) to trigger, and impacts script integrity and site integrity for affected wiki installations. No public exploit code or active exploitation has been reported at the time of analysis.

XSS Mediawiki Cargo Extension
NVD
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-34371 MEDIUM PATCH This Month

Arbitrary file write in LibreChat prior to 0.8.4 allows authenticated users to overwrite arbitrary server files via path traversal in code artifact filenames. The vulnerability affects LibreChat deployments using the default local file storage strategy, where the execute_code sandbox returns a user-controllable filename that is concatenated directly into the file write path without sanitization. An authenticated attacker can craft malicious artifact names containing traversal sequences (e.g., ../../../../../app/client/dist/poc.txt) to write files outside the intended directory, potentially compromising application integrity or enabling remote code execution through client-side file injection.

Path Traversal Librechat
NVD GitHub
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-39321 MEDIUM PATCH GHSA This Month

Parse Server versions prior to 9.8.0-alpha.6 and 8.6.74 leak valid usernames through timing side-channel attacks on the login endpoint, allowing unauthenticated attackers to enumerate existing user accounts by measuring response latency differences between non-existent users and incorrect password attempts. The vulnerability exploits inadequate constant-time comparison in password verification, enabling account enumeration without authentication and with moderate attack complexity.

Information Disclosure Node.js
NVD GitHub
CVSS 4.0
6.3
EPSS
0.0%
CVE-2026-35406 MEDIUM PATCH GHSA This Month

Aardvark-dns enters an unrecoverable infinite error loop consuming 100% CPU when processing a truncated TCP DNS query followed by a connection reset, causing denial of service to DNS resolution services. The vulnerability affects the aardvark-dns container DNS service and requires local network access to trigger. No public exploit code or active exploitation has been identified, but the trivial attack vector (malformed DNS packets) and high CPU impact make this a practical denial-of-service risk for containerized deployments.

Denial Of Service Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-13044 MEDIUM PATCH This Month

IBM Concert versions 1.0.0 through 2.2.0 create temporary files with predictable names, allowing local unauthenticated attackers to overwrite arbitrary files through symlink attacks. An attacker with local system access can exploit this insecure temporary file handling to modify critical application or system files, achieving high integrity impact. No public exploit code or active exploitation has been confirmed at time of analysis.

IBM Information Disclosure
NVD VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-39336 MEDIUM PATCH This Month

Stored cross-site scripting in ChurchCRM prior to version 7.1.0 allows authenticated administrators with high privileges to inject malicious scripts through configuration fields, Person editor defaults, and self-registration form defaults, which are then rendered without sanitization when accessed by other administrators or users. The vulnerability requires admin interaction to exploit (UI:R) and affects confidentiality and integrity but not availability. No public exploit code or active exploitation has been identified.

XSS Crm
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-39335 MEDIUM PATCH This Month

Stored XSS in ChurchCRM prior to 7.1.1 allows authenticated administrators to inject malicious scripts via group remove controls and family editor state/country fields. The vulnerability requires high-privilege account access and user interaction to trigger, making it an admin-to-admin attack surface rather than a direct threat to end-users. ChurchCRM 7.1.1 and later contain the fix.

XSS Crm
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-70844 MEDIUM This Month

Stored cross-site scripting (XSS) in yaffa v2.0.0 allows unauthenticated remote attackers to inject malicious JavaScript via the 'Add Account Group' function, enabling arbitrary script execution in the browsers of users who view the affected page. The vulnerability requires user interaction (clicking/viewing) to trigger but can compromise account confidentiality and integrity for affected users. EPSS exploitation probability is minimal at 0.02%, indicating low real-world exploitation likelihood despite the moderate CVSS score of 6.1.

RCE XSS Code Injection
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-35491 MEDIUM PATCH This Month

Pi-hole FTL versions 6.0 through 6.5 allow authenticated local users with CLI API session privileges to bypass authorization controls and overwrite configuration settings via Teleporter archive imports. The vulnerability exists because the /api/teleporter endpoint incorrectly permits CLI-scoped sessions (intended to be read-only) to execute privileged Teleporter operations, while the /api/config endpoint correctly enforces restrictions. This authentication bypass is fixed in Pi-hole FTL 6.6.

Authentication Bypass Ftl
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-34765 MEDIUM PATCH GHSA This Month

Electron's window.open() handler fails to properly scope named-window lookups to the opener's browsing context group, allowing a renderer to hijack an existing child window opened by a different renderer and potentially inherit elevated webPreferences including privileged preload scripts. This affects Electron versions before 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5, and poses a remote code execution risk only in applications that open multiple top-level windows with differing trust levels and grant child windows elevated permissions via setWindowOpenHandler. No public exploit identified at time of analysis.

Microsoft RCE Information Disclosure
NVD GitHub
CVSS 3.1
6.0
EPSS
0.1%
CVE-2026-1079 MEDIUM PATCH This Month

Remote code execution via malicious websites targeting Pega Browser Extension (PBE) allows unauthenticated attackers to trigger unexpected message boxes and cause availability impact on affected systems. All versions of Pega Browser Extension prior to 3.1.45 are vulnerable; the attack requires user interaction (navigation to a malicious website) but no special privileges. CVSS 6.0 score reflects the moderate severity with high availability impact potential. No active exploitation or public exploit code has been identified at the time of analysis.

Authentication Bypass Pega Browser Extension Pbe
NVD
CVSS 4.0
6.0
EPSS
0.0%
CVE-2026-5376 MEDIUM PATCH This Month

Session inactivity timeouts fail to trigger in runZero Platform due to automatic page reloading, allowing authenticated administrators to maintain unauthorized access beyond intended session expiration windows. This CWE-613 resource control vulnerability affects runZero Platform versions prior to 4.0.260203.0 and requires high-privilege authentication, with confirmed confidentiality and integrity impacts. No public exploit code or active exploitation has been reported.

Information Disclosure Platform
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-5384 MEDIUM PATCH This Month

Credential scope bypass in runZero Platform allows high-privileged administrators to update credentials and apply them to tasks outside their authorized organization scope, resulting in unauthorized information disclosure. The vulnerability affects runZero Platform versions prior to 4.0.26021.0 and requires administrative privileges to exploit. No public exploit code or confirmed active exploitation has been identified.

Authentication Bypass Platform
NVD
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-5374 MEDIUM PATCH This Month

Runzero Platform versions prior to 4.0.260202.0 allow authenticated administrators with high privileges to access remediation and asset information across organizational boundaries through MCP agents, exposing sensitive data from unauthorized organization scopes. The vulnerability stems from improper authorization controls (CWE-863) and requires high-privilege account compromise to exploit, carrying a CVSS score of 5.8 (Medium). Vendor-released patch version 4.0.260202.0 resolves this issue.

Authentication Bypass Platform
NVD
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-5378 MEDIUM PATCH This Month

runZero Platform allows high-privileged administrators to create and update users outside their authorized organization scope due to improper authorization checks, enabling privilege escalation and cross-organizational user manipulation. Versions prior to 4.0.260203.0 are affected. The vulnerability requires high-privilege authentication but can impact multiple organizations within a multi-tenant deployment, making it a significant risk for runZero deployments where administrative role separation is enforced.

Authentication Bypass Platform
NVD
CVSS 3.1
5.8
EPSS
0.0%
CVE-2025-24819 MEDIUM This Month

Relative path traversal in Nokia MantaRay NM Software Manager allows authenticated local network attackers to read sensitive files on the affected system. The vulnerability stems from improper validation of input parameters in the file system handling code, enabling an attacker with local network access and low privileges to enumerate and access files outside the intended directory structure without modifying or disrupting them. No public exploit code or active exploitation has been confirmed at the time of analysis.

Nokia Path Traversal
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-5736 MEDIUM GHSA This Month

SQL injection in PowerJob 5.1.0 through 5.1.2 allows remote attackers to execute arbitrary SQL queries via the customQuery parameter in the detailPlus endpoint of InstanceController.java, potentially enabling unauthorized data access or modification. The vulnerability is remotely exploitable without authentication (CVSS 6.9, EPSS P), with a GitHub pull request indicating a fix is under review but not yet released as a patched version.

Java SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-27315 MEDIUM PATCH GHSA This Month

Apache Cassandra 4.0 through 4.0.19 stores cleartext passwords and other sensitive command history in the ~/.cassandra/cqlsh_history file without redaction, allowing local authenticated users to extract credentials via direct file access. Vendor-released patch available in version 4.0.20; exploitation requires local file system access and existing user privileges but poses significant risk in multi-tenant or shared system environments.

Apache Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-5745 MEDIUM PATCH This Month

Libarchive's archive_acl_from_text_nl() function fails to validate malformed ACL strings before dereferencing pointers, allowing local attackers to crash applications that process untrusted archives via specially crafted ACL fields. This NULL pointer dereference results in denial of service with high availability impact. CVSS 5.5 reflects local attack vector and user interaction requirement; no public exploit code or active exploitation confirmed at analysis time.

Denial Of Service Null Pointer Dereference Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 +3
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-65116 MEDIUM PATCH This Month

Buffer overflow in Hitachi JP1/IT Desktop Management suite and Job Management Partner 1 software on Windows allows local authenticated users to cause denial of service by triggering memory corruption in affected manager and client components. The vulnerability spans multiple product lines and versions, with CVSS 5.5 indicating moderate local attack surface; active exploitation status not confirmed.

Buffer Overflow Microsoft
NVD
CVSS 3.1
5.5
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy