Skip to main content
CVE-2026-2838 MEDIUM This Month

Stored Cross-Site Scripting (XSS) in Whole Enquiry Cart for WooCommerce plugin allows authenticated administrators to inject arbitrary JavaScript via the 'woowhole_success_msg' parameter, affecting all versions up to 1.2.1. The injected scripts execute for all users viewing affected pages, but exploitation is restricted to multi-site WordPress installations or sites with unfiltered_html disabled, and requires administrator-level privileges. No public exploit code or active exploitation has been identified at time of analysis.

WordPress XSS
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-24511 MEDIUM PATCH This Month

Dell PowerScale OneFS versions 9.5.0.0 through 9.10.1.6 and 9.11.0.0 through 9.13.0.0 disclose sensitive information through error messages accessible to high-privileged local attackers. The vulnerability stems from improper error handling (CWE-209) that exposes confidential data in system responses, requiring local access and administrative privileges to exploit. With a CVSS score of 4.4 reflecting high confidentiality impact but low attack complexity and no public exploit identified at time of analysis, this represents a moderate risk primarily to organizations where insider threats or compromised admin accounts pose concerns.

Dell Information Disclosure
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-4330 MEDIUM This Month

Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress versions up to 8.8.3 allow authenticated attackers with Subscriber-level access to modify, reschedule, or delete other users' scheduled social media posts through authorization bypass in AJAX handlers. The vulnerability stems from insufficient validation of user-controlled 'b2s_id' parameters before performing UPDATE and DELETE operations, enabling privilege escalation within multi-user WordPress environments. No public exploit code or active exploitation has been reported, but the low CVSS complexity and minimal authentication barrier (Subscriber role) make this a practical attack vector in shared hosting scenarios.

WordPress Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5918 MEDIUM PATCH This Month

Google Chrome prior to version 147.0.7727.55 contains an information disclosure vulnerability in the Navigation component that allows a remote attacker with a compromised renderer process to leak cross-origin data via a crafted HTML page. The vulnerability requires user interaction and only affects confidentiality (CVSS 4.3), with an extremely low EPSS score of 0.03% indicating minimal real-world exploitation probability despite the unauthenticated attack vector.

Google Information Disclosure Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5906 MEDIUM PATCH This Month

Omnibox spoofing in Google Chrome on Android prior to version 147.0.7727.55 allows remote attackers to deceive users by displaying falsified URL bar contents through a crafted HTML page, enabling phishing and social engineering attacks without requiring user interaction beyond visiting a malicious site. Despite a low CVSS score of 4.3 and minimal EPSS exploitation probability (0.03%), the vulnerability has real-world impact because attackers can trick users into believing they are on legitimate domains while actually on attacker-controlled pages.

Google Information Disclosure Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5898 MEDIUM PATCH This Month

UI spoofing in Google Chrome on iOS prior to version 147.0.7727.55 allows remote attackers to deceive users through malicious HTML pages that manipulate the Omnibox security indicator, enabling phishing or credential theft without code execution. The vulnerability requires user interaction and has low confidentiality impact, reflected in both the CVSS score of 4.3 and minimal EPSS score of 0.03%, indicating limited real-world exploitation likelihood despite public discoverability.

Apple Information Disclosure Google Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5897 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Downloads interface prior to version 147.0.7727.55 allows remote attackers to deceive users into performing unintended actions via crafted HTML pages exploiting incorrect security UI rendering. The vulnerability requires user interaction with specific UI gestures on a malicious webpage, resulting in limited integrity impact through visual deception rather than code execution or data exfiltration. Although marked as low severity by Chromium and carrying minimal exploitation probability (EPSS 0.03%), the attack surface is broad given Chrome's prevalence as a target for social engineering.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5882 MEDIUM PATCH This Month

UI spoofing in Google Chrome fullscreen mode prior to version 147.0.7727.55 allows remote attackers to deceive users with crafted HTML pages displaying fake security UI elements, potentially leading to credential theft or malware distribution through trusted-looking interface impersonation. The vulnerability requires user interaction (clicking/navigating to the malicious page) but poses moderate integrity risk due to the deceptive nature of fullscreen UI manipulation. No active exploitation has been confirmed, though the attack vector is straightforward for mass phishing campaigns.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5878 MEDIUM PATCH This Month

UI spoofing via incorrect security UI rendering in Google Chrome's Blink engine allows remote attackers to deceive users into trusting malicious content through crafted HTML pages, affecting Chrome versions prior to 147.0.7727.55. The attack requires user interaction (clicking or viewing the malicious page) but no authentication. While assigned Medium severity by Google and carrying low EPSS exploitation probability (0.03%, 10th percentile), the integrity impact centers on user trust and phishing enablement rather than code execution.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5891 MEDIUM PATCH This Month

UI spoofing in Google Chrome prior to version 147.0.7727.55 allows remote attackers with a compromised renderer process to deceive users through crafted HTML pages. The vulnerability requires prior renderer compromise, limiting real-world exploitation to scenarios where an attacker has already achieved code execution within the browser's sandboxed rendering context. No active exploitation confirmed; EPSS score of 0.03% indicates minimal exploitation probability.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5880 MEDIUM PATCH This Month

Omnibox spoofing in Google Chrome prior to 147.0.7727.55 allows remote attackers with a compromised renderer process to spoof the URL bar contents via crafted HTML, deceiving users about the actual page origin. The vulnerability requires renderer process compromise (post-sandbox-escape condition) and user interaction, limiting real-world exploitation to multi-stage attacks. Patch available in Chrome 147.0.7727.55 and later; EPSS score of 0.03% reflects low autonomous exploitation likelihood despite medium CVSS rating.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5869 MEDIUM PATCH This Month

Heap buffer overflow in WebML (a web markup language component) in Google Chrome prior to version 147.0.7727.55 allows remote attackers to obtain potentially sensitive information from process memory by serving a crafted HTML page. The vulnerability requires no user authentication and can be triggered through normal web browsing, though exploitation has a low probability (EPSS 0.03%) and no public exploit code has been identified.

Google Buffer Overflow Heap Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5867 MEDIUM PATCH This Month

Heap buffer overflow in WebML component of Google Chrome prior to version 147.0.7727.55 allows unauthenticated remote attackers to read sensitive information from process memory via a specially crafted HTML page. The vulnerability requires no user authentication and only user interaction (page visit), with a CVSS score of 6.5 reflecting confidentiality impact and limited availability risk. No public exploit code or active exploitation has been confirmed at time of analysis, though a vendor patch is available.

Google Buffer Overflow Heap Overflow Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5864 MEDIUM PATCH This Month

Heap buffer overflow in Google Chrome's WebAudio component prior to version 147.0.7727.55 allows unauthenticated remote attackers to read sensitive information from process memory by serving a crafted HTML page. The vulnerability has a CVSS score of 6.5 and EPSS probability of 0.03% (8th percentile), indicating low real-world exploitation likelihood despite the network attack vector and lack of user interaction requirements. Vendor-released patch is available.

Google Buffer Overflow Heap Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-0814 MEDIUM This Month

Export sensitive Contact Form 7 submissions without proper authorization in Advanced Contact form 7 DB plugin for WordPress versions up to 2.0.9 allows authenticated attackers with Subscriber-level or higher permissions to export form data to Excel files due to a missing capability check on the 'vsz_cf7_export_to_excel' function. While the CVSS score of 4.3 reflects low severity and no public exploit code exists, the vulnerability enables unauthorized data access on any WordPress site using this plugin, affecting site administrators managing contact form submissions that may contain sensitive user information.

WordPress Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-33460 MEDIUM This Month

Kibana's Fleet agent management endpoint fails to enforce space-scoped access controls, allowing authenticated users with Fleet privileges in one space to retrieve sensitive Fleet Server policy details from unauthorized spaces including policy names, operational identifiers, and infrastructure linkage information. The vulnerability affects Kibana across multiple versions and requires valid user authentication with Fleet agent management permissions, resulting in cross-space information disclosure without the ability to modify data.

Authentication Bypass Elastic Information Disclosure
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5887 MEDIUM PATCH This Month

Google Chrome on Windows prior to version 147.0.7727.55 fails to properly validate user input in the Downloads functionality, allowing remote attackers to bypass download restrictions through a crafted HTML page. The vulnerability requires user interaction (clicking a link or visiting a malicious page) but has low real-world impact-it enables integrity bypass only, not code execution or confidentiality breaches. No public exploit code or active exploitation has been identified; the low EPSS score (0.02%) reflects minimal practical risk despite the network attack vector.

Authentication Bypass Google Microsoft Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39572 MEDIUM This Month

Sensitive system information exposure in magepeopleteam Bus Ticket Booking with Seat Reservation plugin (versions prior to 5.6.5) allows remote, unauthenticated attackers to retrieve embedded sensitive data via network access with high complexity exploitation. The vulnerability carries low real-world risk with EPSS score of 0.02% (5th percentile) and no confirmed active exploitation, though it may expose configuration details or internal system information to unauthorized parties.

Information Disclosure Bus Ticket Booking With Seat Reservation
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39566 MEDIUM This Month

DirectoryPress WordPress plugin versions 3.6.26 and earlier expose sensitive system information through an information disclosure vulnerability that allows unauthenticated remote attackers to retrieve embedded sensitive data with high attack complexity. The vulnerability has a CVSS score of 4.0 with low confidentiality impact and affects the scope beyond the vulnerable component. No public exploit code or active exploitation has been identified at the time of analysis, though the EPSS score of 0.02% suggests minimal real-world exploitation likelihood.

Information Disclosure Directorypress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39469 MEDIUM This Month

Softaculous PageLayer WordPress plugin through version 2.0.8 allows authenticated users to retrieve embedded sensitive data through exposure of information to an unauthorized control sphere. The vulnerability has a low CVSS score of 4.3 and an extremely low EPSS percentile of 5%, indicating minimal real-world exploitation probability despite requiring authenticated access. No active exploitation or public exploit code has been identified at time of analysis.

Information Disclosure Pagelayer
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39653 MEDIUM This Month

Missing authorization in Deepen Bajracharya's Video Conferencing with Zoom WordPress plugin through version 4.6.6 allows authenticated attackers to modify video conference data via broken access control. The plugin fails to properly validate whether users have permission to access or modify specific conference resources, enabling privilege escalation within the plugin's functionality. CVSS 4.3 reflects limited integrity impact; EPSS 0.02% (percentile 4%) suggests exploitation is unlikely in practice despite the authorization defect.

Authentication Bypass Video Conferencing With Zoom
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39627 MEDIUM This Month

Missing authorization in the Ashe WordPress theme through version 2.266 allows unauthenticated remote attackers to access restricted functionality through incorrectly configured access control security levels. The vulnerability requires user interaction and is limited to low-impact information disclosure, with a CVSS score of 4.3 and minimal exploitation probability (EPSS 0.02%), indicating this is a low-priority authorization bypass rather than a critical vulnerability.

Authentication Bypass Ashe
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39592 MEDIUM This Month

Missing authorization controls in the DEPART WordPress plugin (versions up to 1.0.7) allow authenticated attackers to access sensitive functionality by exploiting incorrectly configured access control security levels. The vulnerability requires valid user credentials but grants low-confidentiality access through broken authorization checks. While EPSS scoring indicates minimal real-world exploitation probability (0.02%, 4th percentile), the flaw represents a critical architectural weakness in permission enforcement that could enable privilege escalation or data disclosure depending on plugin functionality.

Authentication Bypass Depart
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39565 MEDIUM This Month

WpTravelly tour-booking-manager plugin through version 2.1.7 allows authenticated users to access sensitive information via broken access control, enabling privilege escalation within WordPress sites. The vulnerability requires user authentication and network access but does not permit modification or denial of service, affecting all WpTravelly installations up to the specified version. EPSS exploitation probability is minimal at 0.02%, and no public exploit code has been identified.

Authentication Bypass Wptravelly
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39506 MEDIUM This Month

Missing authorization controls in Jordy Meow AI Engine (Pro) WordPress plugin versions prior to 3.4.2 allow authenticated users to modify content they should not have permission to access due to incorrectly configured access control security levels. The vulnerability requires authenticated access (CVSS PR:L) and affects integrity but not confidentiality or availability. With an EPSS score of 0.02% (4th percentile) and no evidence of active exploitation, this represents a low real-world risk despite the authentication bypass tag, primarily affecting multi-user WordPress installations where privilege escalation is possible.

Authentication Bypass Ai Engine Pro
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39485 MEDIUM This Month

Missing authorization in embedplus Youtube Embed Plus plugin versions up to 14.2.4 allows authenticated users to access restricted functionality through incorrectly configured access controls, resulting in limited information disclosure. The vulnerability affects all installations of Youtube Embed Plus from version 0 through 14.2.4, requires authenticated access (PR:L), and carries low real-world risk with EPSS score of 0.02% (4th percentile) despite CVSS 4.3 rating.

Authentication Bypass Youtube Embed Plus
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39477 MEDIUM This Month

Missing authorization in Brainstorm Force CartFlows WordPress plugin versions up to 2.2.3 allows authenticated attackers to modify data through incorrectly configured access control, enabling unauthorized changes to plugin settings or resources. CVSS 4.3 (low severity) with EPSS 0.02% indicates limited real-world exploitation probability; the vulnerability requires prior authentication and does not enable code execution or confidentiality breaches.

Authentication Bypass Cartflows
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39476 MEDIUM This Month

Missing authorization in Syed Balkhi User Feedback plugin versions up to 1.10.1 allows authenticated users to access sensitive feedback data and functionalities they should not have permission to view or modify, due to incorrectly configured access control security levels. With CVSS 4.3 and EPSS 0.02%, this represents a low-probability real-world exploitation risk, though it affects WordPress installations using this plugin.

Authentication Bypass User Feedback
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5911 MEDIUM PATCH This Month

Content security policy bypass in Google Chrome prior to version 147.0.7727.55 allows remote attackers to bypass CSP protections via ServiceWorker policy manipulation when users interact with crafted HTML pages. The vulnerability requires user interaction (UI:R in CVSS) and results in integrity impact only; EPSS exploitation probability is minimal at 0.02%, and Chromium rates the security severity as low despite the policy bypass nature.

Google Authentication Bypass Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5900 MEDIUM PATCH This Month

Google Chrome versions prior to 147.0.7727.55 contain a policy bypass vulnerability in the Downloads feature that allows remote attackers to circumvent multi-download protections through a crafted HTML page. The vulnerability requires user interaction (clicking or accepting a download), affects integrity only (no code execution or availability impact), and carries a low Chromium severity rating. EPSS exploitation probability is minimal at 0.02% (3rd percentile), indicating this is primarily a user-experience or policy-enforcement issue rather than a critical security risk.

Authentication Bypass Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5894 MEDIUM PATCH This Month

Google Chrome prior to version 147.0.7727.55 contains an inappropriate PDF implementation that allows remote attackers to bypass navigation restrictions via a crafted HTML page. The vulnerability requires user interaction to trigger and offers low real-world risk, with an EPSS score of 0.02% (3rd percentile) indicating minimal exploitation probability despite its network-accessible attack vector. A vendor-released patch is available.

Google Authentication Bypass Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5875 MEDIUM PATCH This Month

UI spoofing via policy bypass in Blink rendering engine in Google Chrome prior to version 147.0.7727.55 allows remote attackers to deceive users through crafted HTML pages. The vulnerability requires user interaction (clicking or viewing) but needs no authentication, affecting all Chrome users on unpatched versions. Chromium security team rated this as Medium severity; EPSS score of 0.02% indicates low real-world exploitation probability despite public disclosure.

Google Authentication Bypass Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4141 MEDIUM This Month

Cross-Site Request Forgery (CSRF) in the Quran Translations WordPress plugin versions up to 1.7 allows unauthenticated attackers to modify plugin settings by tricking site administrators into clicking a malicious link. The vulnerability stems from missing nonce validation in the quran_playlist_options() function, which processes POST requests to update options like PDF, RSS, podcast, and media player display settings without cryptographic request verification. No public exploit code or active exploitation has been identified at time of analysis.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-2619 MEDIUM PATCH This Month

GitLab EE versions 18.6-18.8.8, 18.9-18.9.4, and 18.10-18.10.2 allow authenticated users with auditor role privileges to modify vulnerability flag data in private projects due to improper authorization checks. The vulnerability requires valid GitLab credentials and auditor-level access but enables unauthorized data integrity compromise within project security contexts.

Authentication Bypass Gitlab
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-2104 MEDIUM PATCH This Month

GitLab CE/EE versions 18.2-18.10.2 allow authenticated users to export confidential issues assigned to other users via CSV export due to missing authorization validation. The vulnerability affects approximately three release branches with a moderate CVSS score of 4.3, limited by the requirement for prior authentication and lack of integrity impact, but represents a direct confidentiality breach in multi-tenant environments where issue classification is a security boundary.

Authentication Bypass Gitlab
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-9484 MEDIUM PATCH This Month

Authenticated users in GitLab EE versions 16.6-18.8.8, 18.9-18.9.4, and 18.10-18.10.2 can expose other users' email addresses through specific GraphQL queries due to improper authorization checks. An authenticated attacker can enumerate valid user accounts and retrieve their email addresses without additional privileges, violating confidentiality. No public exploit code or active exploitation has been confirmed; patches are available in GitLab 18.8.9, 18.9.5, and 18.10.3.

Authentication Bypass Gitlab
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-1673 MEDIUM This Month

Cross-Site Request Forgery in BEAR - Bulk Editor and Products Manager Professional for WooCommerce (all versions up to 1.1.5) allows unauthenticated attackers to delete WooCommerce taxonomy terms via a malicious link that tricks site administrators or shop managers into performing an action. The vulnerability stems from missing nonce validation on the woobe_delete_tax_term() function, enabling integrity compromise with low CVSS impact (4.3) but requiring user interaction.

WordPress CSRF
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-1752 MEDIUM PATCH This Month

GitLab EE versions 11.3 through 18.10.2 allow authenticated developers to modify protected environment settings through improper authorization checks in the API, enabling privilege escalation within project scope. The vulnerability requires valid developer credentials and network access but allows an attacker to alter security-critical environment configurations without appropriate permissions. CVSS 4.3 (low severity) reflects limited scope and integrity-only impact; no public exploit or active exploitation via CISA KEV has been confirmed.

Authentication Bypass Gitlab
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-5889 MEDIUM PATCH This Month

Cryptographic weakness in PDFium allows unauthenticated remote attackers to decrypt and read sensitive information from password-protected PDFs through brute-force attacks when users view malicious or compromised PDF files in Google Chrome versions prior to 147.0.7727.55. The vulnerability requires user interaction (opening a PDF) but combines weak cryptographic design (CWE-326) with low attack complexity, making it feasible for attackers to extract confidential content from encrypted documents. EPSS score of 0.01% indicates minimal real-world exploitation likelihood despite Chromium's medium severity classification.

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39618 MEDIUM This Month

Cross-Site Request Forgery in themearile NewsExo WordPress theme versions through 7.1 allows unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users with user interaction (clicking a malicious link). The vulnerability has a CVSS score of 4.3 with low integrity impact but no confidentiality or availability impact. EPSS exploitation probability is negligible at 0.01%, and no public exploit code or active exploitation has been confirmed.

CSRF Newsexo
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-39413 MEDIUM PATCH GHSA This Month

LightRAG API authentication can be bypassed via JWT algorithm confusion attack, where an attacker forges tokens by specifying 'alg': 'none' in the JWT header to impersonate any user including administrators. The vulnerability exists in the validate_token() method in lightrag/api/auth.py (line 128), which accepts the unsigned 'none' algorithm despite not explicitly permitting it, allowing unauthenticated remote attackers to gain unauthorized access to protected resources. Publicly available proof-of-concept code demonstrates the attack; vendor has released a patch addressing the root cause of improper algorithm validation.

Python Jwt Attack Authentication Bypass
NVD GitHub
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-1163 MEDIUM GHSA This Month

Insufficient session expiration in parisneo/lollms allows authenticated attackers with high privileges to maintain unauthorized account access after a victim resets their password, due to failure to invalidate active sessions and excessively long default session duration (31 days). The vulnerability requires prior compromise and high privileges but enables persistent access to accounts with confidentiality, integrity, and availability impact. No public exploit code or active exploitation has been confirmed.

Information Disclosure Parisneo Lollms
NVD
CVSS 3.0
4.1
EPSS
0.0%
CVE-2026-34166 LOW PATCH GHSA Monitor

The replace filter in LiquidJS (Node.js npm package) fails to correctly account for memory usage when memoryLimit is enabled, allowing remote attackers to bypass DoS protections with approximately 2,500x memory amplification by crafting templates where the replace operation produces quadratically larger output than the charged memory cost. Deployments with memoryLimit explicitly configured to protect against untrusted template input can suffer out-of-memory crashes; patch available in v10.25.3.

Node.js Denial Of Service
NVD GitHub
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-35400 LOW PATCH Monitor

LORIS (Longitudinal Online Research and Imaging System) versions 20.0.0 through 27.0.2 and 28.0.0 allow authenticated users with publication module access to forge emails appearing to originate from LORIS by submitting a malicious baseURL parameter in POST requests, enabling email spoofing attacks against external recipients. The vulnerability requires user interaction (email recipient click) and publication module privileges but could facilitate social engineering or phishing campaigns. Fixed in versions 27.0.3 and 28.0.1.

Information Disclosure Loris
NVD GitHub
CVSS 3.1
3.5
EPSS
0.0%
CVE-2026-28264 LOW PATCH Monitor

Dell PowerProtect Agent prior to version 20.1 allows low-privileged local attackers to read sensitive information through incorrect permission assignment on critical resources. The vulnerability requires local access and existing user privileges but can expose confidential data without requiring user interaction or elevated permissions.

Dell Information Disclosure
NVD VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-39510 LOW Monitor

WP Chill Image Photo Gallery Final Tiles Grid plugin versions up to 3.6.11 allow authenticated high-privilege administrators to modify image gallery settings through improper access control checks on user-supplied parameters, enabling limited integrity compromise of gallery configurations. The vulnerability has an extremely low EPSS score (0.02%, 4th percentile) and requires high-privilege credentials (PR:H), significantly limiting real-world exploitability despite network accessibility.

Authentication Bypass Image Photo Gallery Final Tiles Grid
NVD
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-4916 LOW PATCH Monitor

Improper authorization checks in GitLab CE/EE versions 18.2-18.10.2 allow authenticated users with custom role permissions to demote or remove higher-privileged group members, violating role-based access control boundaries. The vulnerability requires high-privilege authentication and results only in integrity compromise (member privilege modification), not data exposure or availability loss. CVSS score of 2.7 reflects the restricted attack surface, though the reputational and operational risk of privilege escalation via role abuse warrants timely patching.

Authentication Bypass Gitlab
NVD VulDB
CVSS 3.1
2.7
EPSS
0.0%
CVE-2026-34720 LOW PATCH Monitor

Zammad prior to versions 7.0.1 and 6.5.4 fails to validate that Single Sign-On (SSO) headers originate from trusted proxy/gateway sources before processing them, allowing authenticated attackers with particular preconditions to cause limited information disclosure. The vulnerability requires authentication, high attack complexity, and specific preconditions (AT:P in CVSS 4.0 vector), resulting in a low real-world risk profile despite network accessibility.

Information Disclosure Zammad
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-34248 LOW PATCH Monitor

Zammad prior to 7.0.1 improperly discloses internal ticket fields to customers within shared organizations, allowing them to view restricted fields such as priority and custom internal attributes when accessing tickets from other organization members. This information disclosure vulnerability requires customer-level authentication and user interaction to exploit, and has a very low CVSS score of 2.1 reflecting minimal confidentiality impact with no ability to modify exposed data.

Authentication Bypass Zammad
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-39398 MEDIUM PATCH GHSA This Month

openclaw-claude-bridge v1.1.0 incorrectly disables CLI tool access by passing --allowed-tools "" to the Claude Code subprocess, when the correct flag to disable tools is --tools. The --allowed-tools flag only controls which tools auto-approve without prompts; all CLI tools (Read, Write, Bash, WebFetch, etc.) remain nominally available. Users deploying the bridge to handle untrusted prompts or in gateway contexts may unknowingly operate without the sandboxing protections claimed in the README, exposing systems to prompt-injection attacks that could trigger arbitrary code execution in the process context. Vendor-released patch: v1.1.1 (commit 8a296f5).

AI / ML RCE
NVD GitHub
Prev Page 10 of 10

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy