Skip to main content
CVE-2026-30075 HIGH This Week

Buffer overflow in OpenAirInterface 2.2.0 AUSF component crashes service when processing oversized NAS PDU Authentication Response via UplinkNASTransport messages. Unauthenticated remote attackers can send malformed authentication responses (e.g., 100-byte payloads exceeding expected bounds) triggering AUSF component crash, preventing legitimate user registration and verification. Affects 5G core network deployments using OpenAirInterface AUSF. No public exploit identified at time of analysis. CVSS 7.5 High severity due to network-accessible denial of service without authentication requirements.

Buffer Overflow
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-39885 HIGH PATCH GHSA This Week

Server-Side Request Forgery in mcp-from-openapi (<= 2.1.2) allows unauthenticated remote attackers to retrieve cloud metadata credentials, scan internal networks, and read local files by providing malicious OpenAPI specifications containing $ref pointers to internal URLs (http://169.254.169.254/) or file:// paths. The library's json-schema-ref-parser fetches referenced resources without protocol or hostname restrictions during OpenAPI document initialization, enabling AWS/GCP/Azure credential theft and arbitrary file disclosure with no privileges required beyond spec submission.

SSRF Microsoft
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-34392 HIGH PATCH This Week

Path traversal in LORIS neuroimaging research platform (versions 20.0.0 through 27.0.2 and 28.0.0) enables unauthenticated remote attackers to download arbitrary files outside intended directories via malicious requests to static file router endpoints (/static, /css, /js). Vulnerability permits high-impact information disclosure including sensitive research data, configuration files, and potentially database credentials. No public exploit identified at time of analysis. Affects self-hosted LORIS installations across academic and clinical neuroimaging research environments.

Information Disclosure Path Traversal Loris
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-12664 HIGH PATCH This Week

Denial of service in GitLab CE/EE versions 13.0 through 18.10.2 allows unauthenticated remote attackers to exhaust server resources via repeated GraphQL queries. Affects all installations from version 13.0 before patched releases 18.8.9, 18.9.5, and 18.10.3. Attackers can degrade or halt GitLab service availability without authentication, impacting development workflows and CI/CD pipelines. No public exploit identified at time of analysis.

Denial Of Service Gitlab
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50653 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions via malformed name and mem parameters submitted to the /time_group.asp endpoint. The vulnerability requires no user interaction and permits network-based exploitation with low attack complexity. No public exploit identified at time of analysis. EPSS score of 0.02% indicates low observed exploitation activity.

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50663 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service attacks via crafted name parameter to /usb_paswd.asp endpoint. Stack-based buffer overflow (CWE-121) triggers memory corruption leading to service disruption. Affects network-accessible administrative interfaces without authentication barrier (CVSS AV:N/PR:N). No public exploit identified at time of analysis. Low observed exploitation activity (EPSS <1%).

D-Link Buffer Overflow Stack Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50650 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service attacks via malformed routes_static parameter to /router.asp endpoint. The vulnerability permits network-accessible attackers to crash the device without credentials or user interaction. No public exploit identified at time of analysis. CVSS 7.5 (High) reflects complete availability impact with network attack vector and low complexity.

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50649 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions through malformed vlan_name parameter submitted to /shut_set.asp endpoint. Improper input validation in VLAN configuration interface permits memory corruption leading to system availability disruption. CVSS 7.5 reflects network-accessible attack requiring no user interaction or credentials. No public exploit identified at time of analysis; low observed exploitation activity (EPSS 0.02%).

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50648 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions via malformed input to the /tggl.asp endpoint. The vulnerability stems from inadequate input validation, allowing network-accessible exploitation without authentication or user interaction. Exploitation results in high-impact availability loss with no confidentiality or integrity compromise. No public exploit identified at time of analysis. EPSS score indicates low observed exploitation activity.

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50646 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service attacks through malformed input to the name parameter at /qos_type_asp.asp endpoint. Attackers can trigger service disruption without authentication or user interaction by exploiting insufficient input validation in the QoS management interface. EPSS indicates low observed exploitation activity; no public exploit identified at time of analysis.

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50644 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 qj.asp endpoint enables unauthenticated remote denial-of-service attacks through malformed HTTP requests. Insufficient input validation allows attackers to trigger memory corruption, crashing the device and disrupting network services. Confidentiality and integrity remain intact per CVSS scoring, but availability impact is severe. No public exploit identified at time of analysis. EPSS indicates low observed exploitation activity.

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50662 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service attacks via crafted name parameter to /url_group.asp endpoint. Attackers can trigger stack-based buffer overflow remotely over network without user interaction, causing high availability impact through service disruption or device crash. No public exploit identified at time of analysis. CVSS 7.5 severity reflects network-accessible attack vector with low complexity.

D-Link Buffer Overflow Stack Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50660 HIGH This Week

Stack-based buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 allows unauthenticated remote attackers to trigger denial-of-service conditions by sending malformed name parameter values to the /url_member.asp endpoint. The vulnerability enables network-accessible attackers to crash the device without authentication or user interaction, disrupting availability of routing services. No public exploit identified at time of analysis.

D-Link Buffer Overflow Stack Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50659 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service via malformed custom_error parameter to /user.asp endpoint. Attackers can crash device remotely without credentials by exploiting stack-based buffer overflow (CWE-121). CVSS 7.5 reflects network-accessible, low-complexity attack requiring no user interaction. No public exploit identified at time of analysis; low observed exploitation activity (EPSS 0.02%).

D-Link Buffer Overflow Stack Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50655 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service attacks through malformed name parameter in /thd_group.asp endpoint. Improper input validation triggers stack-based buffer overflow, causing device crashes or service disruption without requiring user interaction. Attack vector is network-accessible with low complexity. No public exploit identified at time of analysis.

D-Link Buffer Overflow Stack Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50652 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions through malformed id parameter input to /saveparm_usb.asp endpoint. Exploitation requires network access to administrative interface without authentication. CWE-120 classification indicates classic buffer overflow allowing memory corruption. CVSS vector confirms network-exploitable, unauthenticated attack path with high availability impact but no data confidentiality or integrity compromise. No public exploit identified at time of analysis.

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50647 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions through malformed wans parameter input to the qos.asp Quality-of-Service configuration endpoint. Exploitation requires no user interaction and achieves complete availability impact against network infrastructure device. Low observed exploitation activity (EPSS 0.02%, 5th percentile); no public exploit identified at time of analysis.

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50654 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service attacks through malformed id parameter in /thd_member.asp endpoint. Exploiting this CWE-120 flaw requires no authentication (CVSS:PR:N) and permits network-based attackers to crash device availability with low complexity. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS 0.02%). Affects D-Link network infrastructure devices running vulnerable firmware version.

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50657 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions through malformed pid parameter values in the /trace.asp endpoint. The vulnerability requires no user interaction and is exploitable over the network with low attack complexity, affecting network availability for enterprise routing infrastructure. No public exploit identified at time of analysis.

D-Link Buffer Overflow Stack Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50673 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 allows unauthenticated remote attackers to trigger denial-of-service conditions by sending malformed http_lanport parameter values to the /webgl.asp endpoint. Network-accessible attack requires no user interaction or privileges. Exploitation causes availability impact only with no confidentiality or integrity compromise. Low observed exploitation activity (EPSS <1%). No public exploit identified at time of analysis.

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50672 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 via /yyxz_dlink.asp endpoint enables unauthenticated network-based denial of service attacks. Improper parameter validation allows remote attackers to crash the device or trigger service interruption without authentication, user interaction, or elevated privileges. CVSS 7.5 (High) severity reflects network accessibility and availability impact. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS 0.02%).

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50669 HIGH This Week

Buffer overflow in D-Link DI-8003 (16.07.26A1) and DI-8003G (19.12.10A1) routers enables unauthenticated remote denial-of-service through improper handling of the wan_ping parameter at the /wan_ping.asp endpoint. Network-accessible attack requires no user interaction or privileges. CVSS:3.1 score 7.5 (High) reflects availability impact. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS 0.02%).

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50668 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions through malformed 's' parameter input to the /web_list_opt.asp endpoint. The vulnerability requires no user interaction and is exploitable over the network with low attack complexity. CVSS 7.5 (High) reflects network-accessible DoS impact. No public exploit identified at time of analysis; low observed exploitation activity (EPSS <1%).

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50667 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial of service via malicious iface parameter to /wan_line_detection.asp endpoint. Attack requires no user interaction and exploits improper input validation in network-accessible web management interface. CVSS 7.5 (High) severity reflects availability impact; no public exploit identified at time of analysis. Low observed exploitation activity (EPSS 0.02%).

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-52222 HIGH This Week

Buffer overflow in D-Link enterprise VPN router series (DI-8003, DI-8500, DI-8003G, DI-8200G, DI-8200, DI-8400, DI-8004w, DI-8100, DI-8100G) firmware versions 16.07.26A1 and 17.12.20A1/17.12.21A1 allows unauthenticated remote attackers to trigger denial of service via crafted HTTP requests exploiting rd_en, rd_auth, rd_acct, http_hadmin, http_hadminpwd, rd_key, and rd_ip parameters in radius_asp function. Attack requires no user interaction or authentication (CVSS:3.1 AV:N/AC:L/PR:N/UI:N). No public exploit identified at time of analysis.

Denial Of Service D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-30080 HIGH This Week

Integrity protection bypass in OpenAirInterface v2.2.0 allows unauthenticated network attackers to downgrade 5G security context by forcing acceptance of IA0-only capability during initial UE registration, despite NIA1/NIA2 being configured. Exploitation enables replay attacks against mobile network infrastructure through manipulation of Security Mode Complete messages, compromising session integrity without confidentiality impact. No public exploit identified at time of analysis.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50645 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial of service attacks. Attackers can trigger memory corruption by submitting oversized 's' parameter values to the pppoe_list_opt.asp endpoint without authentication, causing device unavailability. CVSS 7.5 severity reflects network-accessible attack vector with low complexity. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS 0.02%).

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-45059 HIGH This Week

Buffer overflow in D-Link DI-8300 router firmware v16.07.26A1 enables unauthenticated remote attackers to trigger denial of service conditions via malformed input to the fn parameter in tgfile_htm function. Network-accessible attack vector requires no privileges or user interaction. CVSS 7.5 (High) reflects availability impact. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS 0.02%).

Denial Of Service D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-45058 HIGH This Week

Buffer overflow in D-Link DI-8300 router firmware v16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions through malformed fx parameter input to the jingx_asp function. Network-accessible exploitation requires no authentication or user interaction (CVSS AV:N/PR:N/UI:N). Impact limited to availability disruption; no data confidentiality or integrity compromise. No public exploit identified at time of analysis. EPSS 0.02% indicates low observed exploitation activity.

D-Link Buffer Overflow Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-45057 HIGH This Week

Buffer overflow in D-Link DI-8300 router firmware v16.07.26A1 ip_position_asp function enables unauthenticated remote attackers to trigger denial of service through crafted input to the ip parameter. Network-accessible vulnerability requires no user interaction. No public exploit identified at time of analysis. CVSS 7.5 (High) reflects unauthenticated network attack vector with complete availability impact.

D-Link Buffer Overflow Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-1092 HIGH PATCH This Week

Denial of service in GitLab CE/EE versions 12.10 through 18.8.8, 18.9 through 18.9.4, and 18.10 through 18.10.2 allows unauthenticated remote attackers to crash GitLab services via malformed JSON payloads. Improper input validation (CWE-1284) enables resource exhaustion attacks without authentication. CVSS 7.5 (High) reflects network-accessible attack with low complexity requiring no user interaction. No public exploit identified at time of analysis. EPSS data unavailable; not listed in CISA KEV.

Denial Of Service Gitlab
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50665 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service attacks through crafted HTTP GET requests to /web_keyword.asp endpoint. Attackers exploit improper input validation in name, en, time, mem_gb2312, and mem_utf8 parameters to trigger memory corruption, causing device unavailability. CVSS 7.5 (High) severity reflects network-accessible attack vector requiring no user interaction or privileges. No public exploit identified at time of analysis; low observed exploitation activity.

D-Link Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50664 HIGH This Week

Stack-based buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial-of-service via malformed HTTP GET request to /user_group.asp endpoint. Attacker sends crafted name, mem, pri, or attr parameters triggering memory corruption and device crash. CVSS 7.5 High severity reflects network-accessible attack requiring no privileges or user interaction. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS <1%).

D-Link Buffer Overflow Stack Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50670 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions via crafted HTTP GET requests to /xwgl_bwr.asp endpoint. Exploitation occurs through oversized name, qq, or time parameters causing memory corruption. CVSS score 7.5 reflects high availability impact without confidentiality or integrity compromise. No public exploit identified at time of analysis, with low observed exploitation activity (EPSS <1%).

D-Link Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50666 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions via crafted HTTP GET requests to /web_post.asp endpoint. Vulnerable parameters include name, en, user_id, log, and time fields. Attack requires no user interaction and exploits improper input validation in web management interface. CVSS 7.5 (High) severity with network-accessible attack vector. No public exploit identified at time of analysis. Low observed exploitation activity (EPSS <1%).

D-Link Buffer Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50671 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote denial of service through the /xwgl_ref.asp endpoint. Attackers exploit improper input validation by sending HTTP GET requests with excessively long strings in eight parameters (name, en, user_id, shibie_name, time, act, log, rpri), causing stack buffer overflow and device crash. Low observed exploitation activity (EPSS <1%). No public exploit identified at time of analysis. Affects network-accessible management interface without authentication requirements.

D-Link Buffer Overflow Stack Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-50661 HIGH This Week

Buffer overflow in D-Link DI-8003 router firmware 16.07.26A1 enables unauthenticated remote attackers to trigger denial-of-service conditions via crafted HTTP GET requests to the /url_rule.asp endpoint. Exploitation requires no user interaction and succeeds over network access with low complexity. Eight vulnerable parameters (name, en, ips, u, time, act, rpri, log) accept unbounded input causing stack memory corruption. CVSS 7.5 HIGH severity reflects network-accessible availability impact. No public exploit identified at time of analysis. EPSS 0.01% indicates low observed exploitation activity.

D-Link Buffer Overflow Stack Overflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-32280 HIGH PATCH This Week

Denial of service in Go's crypto/x509 chain builder allows remote attackers to exhaust server resources by submitting a large number of intermediate certificates during TLS handshake or direct certificate verification. Affects crypto/x509 versions prior to 1.25.9 and 1.26.0-1.26.1. No public exploit identified at time of analysis, though SSVC assessment indicates the attack is automatable. EPSS exploitation probability is minimal (0.01%), suggesting low observed attacker interest despite the network-accessible attack surface and lack of authentication requirements.

Denial Of Service Crypto X509
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-32281 HIGH PATCH This Week

Algorithmic complexity denial of service in Go's crypto/x509 library allows remote attackers to cause resource exhaustion via certificate chains containing excessive policy mappings. Affects Go versions <1.25.9 and 1.26.0-1.26.1. Attack requires no authentication (CVSS AV:N/PR:N) but targets only otherwise-trusted certificate chains from roots in the system or configured trust store. EPSS score 0.01% indicates minimal observed exploitation probability. No active exploitation confirmed (not in CI

Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-32283 HIGH PATCH This Week

Deadlock in Go's crypto/tls library (versions <1.25.9 and 1.26.0-1.26.1) allows remote unauthenticated attackers to trigger denial of service via multiple TLS 1.3 post-handshake key update messages sent in a single record. CVSS 7.5 (High) with network attack vector and low complexity, but EPSS score of 0.01% (0th percentile) indicates minimal real-world exploitation probability. Vendor-released patches available in Go 1.25.9 and 1.26.2, with no public exploit code identified at time of analysis.

Denial Of Service Crypto Tls
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-32589 HIGH This Week

Red Hat Quay's container image upload mechanism allows authenticated users with push privileges to interfere with concurrent uploads by other users across the entire registry, enabling unauthorized read, modification, or cancellation of in-progress uploads in repositories they cannot access. This cross-repository attack vector affects Red Hat Quay 3.x and Mirror Registry deployments. EPSS score of 0.03% (8th percentile) indicates low predicted exploitation probability in the wild, and CISA SSVC framework rates this as non-automatable with no known exploitation, suggesting targeted risk rather than widespread threat despite the 7.4 CVSS score.

Authentication Bypass Red Hat Mirror Registry For Red Hat Openshift Mirror Registry For Red Hat Openshift 2 Red Hat Quay 3
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-5795 HIGH PATCH GHSA This Week

Privilege escalation in Eclipse Jetty 9.4.0-12.1.7 allows unauthenticated remote attackers to bypass authentication via ThreadLocal variable pollution in JASPIAuthenticator. Early returns from authentication checks fail to clear ThreadLocal values, causing subsequent requests on the same thread to inherit elevated privileges. CVSS 7.4 with high complexity but no authentication required. EPSS and KEV status not provided; no public exploit identified at time of analysis. Affects all major Jetty versions from 9.x through 12.x.

Privilege Escalation Eclipse Jetty
NVD GitHub HeroDevs VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-35455 HIGH PATCH This Week

Stored Cross-Site Scripting in Immich photo management platform versions prior to 2.7.0 enables authenticated attackers to execute arbitrary JavaScript when victims view malicious 360° panorama images with OCR overlay enabled. Attackers upload specially crafted equirectangular images containing malicious text that OCR extracts and the panorama viewer renders unsanitized via innerHTML. Exploitation permits session hijacking through persistent API key creation, exfiltration of private photos, GPS location history theft, and unauthorized access to facial biometric data. No public exploit identified at time of analysis.

XSS Immich
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-30814 HIGH PATCH This Week

Stack-based buffer overflow in TP-Link Archer AX53 v1.0 tmpServer module enables authenticated adjacent attackers to execute arbitrary code via malicious configuration file. Exploitation triggers segmentation fault, permits device state modification, sensitive data exposure, and integrity compromise. Affects firmware versions before 1.7.1 Build 20260213. Requires high privileges and adjacent network access. No public exploit identified at time of analysis.

Information Disclosure Stack Overflow RCE Buffer Overflow TP-Link
NVD
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-4808 HIGH This Week

Arbitrary file upload in Gerador de Certificados - DevApps plugin for WordPress (all versions ≤1.3.6) enables authenticated administrators to upload files without type validation, creating remote code execution opportunities. The vulnerability stems from missing file type validation in the moveUploadedFile() function. CVSS 7.2 (High) reflects network-accessible attack requiring high privileges; EPSS data not provided, no public exploit identified at time of analysis, not listed in CISA KEV.

WordPress RCE File Upload
NVD
CVSS 3.1
7.2
EPSS
0.2%
CVE-2026-1343 HIGH PATCH This Week

Server-Side Request Forgery (SSRF) in IBM Verify Identity Access and Security Verify Access products (versions 10.0-11.0.2) allows unauthenticated remote attackers to contact internal authentication endpoints that should be protected by the Reverse Proxy component. This bypass enables attackers to interact with restricted internal services, potentially leading to unauthorized information disclosure and limited integrity impact. EPSS data not provided, but CVSS 7.2 (High) with network-accessible, low-complexity attack vector indicates moderate real-world risk. No evidence of active exploitation (not in CISA KEV) or public exploit code at time of analysis.

IBM SSRF
NVD VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-35476 HIGH PATCH This Week

Privilege escalation in InvenTree inventory management system versions prior to 1.2.7 and 1.3.0 allows remote unauthenticated attackers to elevate any user account to staff level through improperly secured API endpoints. Exploitation requires no special conditions beyond network access and enables unauthorized administrative access to inventory management functions. EPSS score of 0.03% (8th percentile) indicates low observed exploitation likelihood, and SSVC assessment confirms no known exploitation with non-automatable attack requiring user account creation first.

Authentication Bypass Inventree
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-39972 HIGH PATCH GHSA This Week

Cache key collision in Mercure hub TopicSelectorStore enables authorization bypass through crafted topic names. Attackers can poison the match result cache by exploiting underscore-based key concatenation, causing private updates to be delivered to unauthorized subscribers or blocking legitimate deliveries. Affects Go package github.com/dunglas/mercure prior to version 0.22.0. Exploitation requires ability to subscribe to the hub or publish updates with specially crafted topic/selector combinations. No public exploit identified at time of analysis.

Authentication Bypass
NVD GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-39414 HIGH GHSA This Week

Memory exhaustion in MinIO S3 Select (RELEASE.2018-08-18T03-49-57Z through RELEASE.2025-12-20T04-58-37Z) allows authenticated users with s3:PutObject and s3:GetObject permissions to crash the server by uploading CSV files lacking newline characters. The vulnerable CSV reader buffers entire lines into memory without size limits, enabling attackers to trigger out-of-memory conditions. A ~2 MB compressed CSV can decompress to gigabytes without newlines, causing denial of service. No public exploit identified at time of analysis.

Denial Of Service Minio
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-40037 HIGH PATCH GHSA This Week

Cross-origin request body replay in OpenClaw's fetchWithSsrFGuard function before version 2026.3.31 enables attackers to exfiltrate sensitive request data and headers to unintended origins through redirect manipulation. The vulnerability requires user interaction and allows high confidentiality impact through unsafe request body transmission across origin boundaries. Affects unauthenticated contexts. No public exploit identified at time of analysis, with low observed exploitation activity (EPSS <1%).

Open Redirect
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy