Skip to main content
CVE-2026-33104 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Win32K graphics subsystem (Win32K-GRFX) allows authenticated attackers with low privileges to gain SYSTEM-level access by exploiting a race condition during concurrent resource access. Affects all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025. Microsoft has released patches addressing this CWE-362 synchronization flaw. No public exploit identified at time of analysis, though the local attack vector and high complexity (

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32068 HIGH PATCH This Week

Local privilege escalation in Windows SSDP Service affects all supported Windows 10, Windows 11, and Windows Server versions from 2012 through 2025 via a race condition vulnerability. Authenticated local users with low privileges can exploit improper synchronization in shared resource access to gain SYSTEM-level privileges, achieving full system compromise. Vendor-released patches are available across all affected versions. No public exploit identified at time of analysis, though the local attack vector and high impact warrant priority patching on multi-user or sensitive systems.

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32219 HIGH PATCH This Week

Double free vulnerability in Microsoft Brokering File System enables local privilege escalation on Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025. Low-privileged authenticated users can exploit memory corruption (CWE-415) to gain SYSTEM-level access with high attack complexity. Microsoft has released patches addressing builds prior to 10.0.26100.32690 (24H2/Server 2025), 10.0.26200.8246 (25H2), and 10.0.28000.1836 (26H1). EPSS score of 0.04% (11th percentile) and SSVC assessment of no active exploitation suggest low immediate threat despite 7.0 CVSS score, though CISA classifies technical impact as total (complete system compromise).

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32083 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows SSDP Service (all Windows 10, 11, and Server versions from 2012 onwards) enables low-privileged authenticated users to gain SYSTEM-level access by exploiting a race condition in shared resource handling. The vulnerability requires low privileges and high attack complexity (CVSS AC:H), resulting in complete compromise of confidentiality, integrity, and availability. Vendor-released patches are available for all affected versions with specific build numbers pr

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32082 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows SSDP Service across Windows 10, Windows 11, and Windows Server 2012-2025 allows authenticated users with low privileges to gain SYSTEM-level access by exploiting a race condition in shared resource handling. Attack complexity is high (AC:H), requiring precise timing to win the race window. Patch available per vendor advisory; no public exploit identified at time of analysis.

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-27929 HIGH PATCH Exploit Unlikely This Week

Windows LUAFV driver privilege escalation via TOCTOU race condition allows authenticated local attackers with low privileges to gain SYSTEM-level access across all supported Windows 10, Windows 11, and Windows Server versions (2012 through 2025). The vulnerability requires high attack complexity to exploit the narrow timing window between security checks and file operations. Vendor-released patch available across all affected platforms. No public exploit identified at time of analysis, though th

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-27926 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Windows Cloud Files Mini Filter Driver (all Windows 10/11 and Server 2019/2022/2025 versions) allows low-privileged authenticated users to gain SYSTEM-level access through a race condition vulnerability. Attack requires high complexity timing manipulation of shared resources in the kernel-mode filter driver. Vendor-released patches available for all affected versions. No public exploit identified at time of analysis, though the authenticated local attack vector and detailed version-specific fix data suggest moderate real-world deployment risk in multi-user Windows environments.

Information Disclosure Race Condition Microsoft
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-33018 HIGH PATCH This Week

Heap use-after-free in libsixel 1.8.7 and earlier allows local code execution when processing malicious animated GIF files through the sixel_helper_load_image_file() API with multi-frame callbacks. The vulnerability triggers when gif_init_frame() unconditionally frees and reallocates frame->pixels between frames while client code retains references via the documented sixel_frame_ref() API, creating dangling pointers confirmed by AddressSanitizer. Fixed in version 1.8.7-r1. No public exploit iden

Use After Free RCE Memory Corruption Libsixel
NVD GitHub
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-32226 MEDIUM PATCH Exploit Unlikely This Month

Denial of service in Microsoft .NET Framework 3.5 and 4.7.2-4.8.1 via race condition in shared resource synchronization allows unauthenticated remote attackers to crash affected applications with high complexity attack requirements. Microsoft has released patches addressing improper concurrent access handling across multiple .NET Framework versions.

Authentication Bypass Race Condition Microsoft Net Framework 3 5 And 4 7 2 Microsoft Net Framework 3 5 And 4 8 Microsoft Net Framework 3 5 And 4 8 1 +1
NVD VulDB
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-40249 MEDIUM GHSA This Month

Free5GC UDR service fails to terminate request processing after HTTP body retrieval or JSON deserialization errors in the PUT /nudr-dr/v2/policy-data/subs-to-notify/{subsId} endpoint, allowing unintended modification of Policy Data notification subscriptions with invalid or partially processed input. The handler lacks return statements following error responses, causing execution to continue to the downstream processor with uninitialized or empty subscription objects. No public exploit code or active exploitation has been confirmed; this is a robustness and input validation flaw affecting write operations on a core 5G network function.

Deserialization
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-4832 MEDIUM CISA This Month

Schneider Electric Easergy MiCOM protective relays contain hard-coded SNMP credentials that allow unauthenticated remote attackers to access sensitive device information and system configurations. An attacker can directly query the SNMP port (UDP 161) without authentication to retrieve operational data, relay status, and device parameters. This vulnerability affects 12 product lines across multiple versions and is classified as an authentication bypass with a CVSS 6.9 (medium-to-high confidentiality impact).

Authentication Bypass Easergy Micom P14X Easergy Micom P24X Easergy Micom P341 Easergy Micom P342 P343 P344 P345 +8
NVD
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-37980 MEDIUM This Month

Stored XSS in Keycloak's organization selection login page allows authenticated administrators with manage-realm or manage-organizations privileges to inject malicious JavaScript via the organization.alias field, enabling arbitrary script execution in users' browsers when they access the login page. Exploitation requires high-privilege administrative access and user interaction (viewing the login page), with potential impact including session theft and unauthorized account actions. No public exploit code or active exploitation confirmed at time of analysis.

XSS Build Of Keycloak
NVD VulDB
CVSS 3.1
6.9
EPSS
0.1%
CVE-2026-2402 MEDIUM CISA This Month

Schneider Electric PowerChute Serial Shutdown v1.4 and prior allows remote credential brute force attacks due to missing rate limiting on authentication endpoints, enabling attackers to enumerate valid credentials across multiple API endpoints with no authentication prerequisite. The vulnerability has a CVSS score of 6.9 with network-based attack vector and no user interaction required, though the impact is limited to information disclosure rather than full account takeover.

Information Disclosure Powerchute Serial Shutdown
NVD VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-24032 MEDIUM CISA This Month

Authentication bypass in Siemens SINEC NMS versions prior to V4.0 SP3 with UMC allows unauthenticated remote attackers to gain unauthorized access due to insufficient user identity validation in the UMC component (CWE-347: Improper Verification of Cryptographic Signature). The vulnerability enables network-based attacks with low complexity requiring no user interaction (CVSS 7.3, AV:N/AC:L/PR:N/UI:N), granting partial access to confidentiality, integrity, and availability. ZDI tracking ID CAN-27564 suggests coordinated disclosure. No active exploitation (CISA KEV) or public exploit code confirmed at time of analysis, though JWT-related authentication bypasses are well-understood attack primitives.

Authentication Bypass Jwt Attack
NVD
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-39423 MEDIUM PATCH This Month

Stored Cross-Site Scripting (XSS) via Eval Injection in MaxKB's Markdown rendering engine allows authenticated users to execute arbitrary JavaScript in other users' browsers, including administrators. MaxKB versions 2.7.1 and below are affected. The vulnerability requires user interaction (UI:P) and low privileges (PR:L) to exploit, but delivers high integrity impact (VI:H) to victim sessions. A vendor-released patch is available in version 2.8.0.

XSS Maxkb
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-39422 MEDIUM PATCH This Month

Stored Cross-Site Scripting (XSS) in MaxKB 2.7.1 and below allows authenticated users to inject malicious JavaScript through application name or icon fields, which is then executed in victims' browsers when accessing the public chat interface. The vulnerability stems from unsanitized data insertion into HTML responses by ChatHeadersMiddleware, enabling arbitrary code execution with user interaction. MaxKB 2.8.0 has released a patch to fix this issue.

XSS Maxkb
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-39963 MEDIUM PATCH GHSA This Month

Serendipity's serendipity_setCookie() function accepts unsanitized HTTP_HOST header values as the cookie domain parameter, allowing remote attackers to scope authentication cookies (session tokens, auto-login tokens) to attacker-controlled domains and facilitate session hijacking. The vulnerability requires user interaction (victim authentication during poisoned Host header) and man-in-the-middle or reverse proxy misconfiguration to exploit, affecting all versions of Serendipity that use the vulnerable function. A proof-of-concept demonstrating cookie domain poisoning exists; exploitation probability is moderate (EPSS 6.9, CVSS AC:H reflects attack complexity), and no evidence of active exploitation has been identified.

Privilege Escalation PHP
NVD GitHub
CVSS 3.1
6.9
EPSS
0.0%
CVE-2026-2404 MEDIUM PATCH CISA This Month

Log injection via improper output encoding in Schneider Electric PowerChute™ Serial Shutdown allows unauthenticated remote attackers to forge or inject malicious log entries by sending crafted POST requests to the /j_security_check endpoint, potentially obscuring attack trails or triggering false alerts.

Code Injection Powerchute Serial Shutdown
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-40104 MEDIUM PATCH GHSA This Month

Denial of service via resource exhaustion in XWiki REST API endpoints that list database properties without respecting configured query limits, allowing remote attackers to enumerate all pages on large wiki installations and exhaust server resources. Affects XWiki Platform versions before 16.10.16, 17.4.8, and 17.10.1. Vendor-released patches are available; no public exploit code or active exploitation confirmed at time of analysis.

Denial Of Service
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-2399 MEDIUM CISA This Month

PowerChute Serial Shutdown allows authenticated administrative users to overwrite critical system files via path traversal in the POST /REST/upssleep endpoint when maliciously crafting request payloads, potentially causing complete system compromise or denial of service. The vulnerability requires high-privilege Web Admin credentials and adjacent network access, but results in total integrity and availability impact across the affected system. No public exploit code has been identified at the time of analysis.

Path Traversal Powerchute Serial Shutdown
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-0209 MEDIUM This Month

FlashArray Purity applies snapshot retention policies with timing deviations from configured schedules, allowing authenticated administrators to inadvertently trigger premature or delayed data lifecycle actions. This affects FlashArray versions 5.0.0 through 6.10.0, impacting data retention integrity and compliance posture. The vulnerability requires high administrative privileges to exploit and results in integrity compromise of snapshot management operations.

Information Disclosure
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-32223 MEDIUM PATCH Exploit Unlikely This Month

Heap-based buffer overflow in Windows USB Print Driver allows local privilege escalation via physical device access. Affects Windows 11 (versions 24H2, 25H2, 26H1) and Windows Server 2025, with patch available from Microsoft. Attack requires physical USB access and no user interaction; no public exploit identified at time of analysis.

Heap Overflow Buffer Overflow Microsoft
NVD VulDB
CVSS 3.1
6.8
EPSS
0.1%
CVE-2026-23653 MEDIUM PATCH Exploit Unlikely This Month

Command injection in GitHub Copilot Chat Extension for Visual Studio Code allows authenticated attackers with user interaction to disclose sensitive information over a network. The vulnerability affects CoPilot Chat Extension versions before 0.37.3 and requires an authorized user to interact with a crafted prompt or input. Microsoft has released a patched version (0.37.3) to remediate this CWE-77 command injection flaw.

Command Injection Microsoft Visual Studio Code Copilot Chat Extension
NVD VulDB
CVSS 3.1
5.7
EPSS
0.1%
CVE-2026-0390 MEDIUM PATCH Exploit Likely This Month

Windows Boot Loader accepts untrusted inputs for security decisions, allowing authorized local attackers to bypass security features with high confidentiality, integrity, and availability impact. This authentication bypass vulnerability (CVSS 6.7) affects Windows 10 versions 1607, 1809, 21H2, and 22H2, as well as Windows Server 2016, 2019, and 2022. Microsoft has released patches addressing the root cause of reliance on untrusted security-critical inputs.

Authentication Bypass Microsoft
NVD VulDB
CVSS 3.1
6.7
EPSS
0.1%
CVE-2026-25691 MEDIUM This Month

Path traversal vulnerability in Fortinet FortiSandbox allows privileged super-admin users with CLI access to delete arbitrary directories on the system via crafted HTTP requests. Affects FortiSandbox 5.0.0-5.0.5, 4.4.0-4.4.8, 4.2 all versions, FortiSandbox Cloud 5.0.4, and FortiSandbox PaaS 5.0.4. CVSS 6.7 reflects high integrity and availability impact but requires authenticated super-admin privileges; no public exploit code or active KEV designation identified at time of analysis.

Fortinet Path Traversal
NVD VulDB
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-39809 MEDIUM This Month

SQL injection in Fortinet FortiClientEMS 7.0 through 7.4.5 allows high-privileged local attackers to execute unauthorized code or commands with high integrity and confidentiality impact. The vulnerability requires local access and high privileges (PR:H per CVSS vector), making it a risk primarily in environments where administrative users are untrusted or compromised. CISA SSVC framework rates this as non-exploitable via automation due to privilege requirements, though the technical impact is total (confidentiality, integrity, and availability compromise). No public exploit code has been identified at the time of analysis.

Fortinet SQLi
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-39814 MEDIUM This Month

Local privilege escalation in Fortinet FortiWeb 7.0.10-8.0.2 allows high-privileged local attackers to execute arbitrary code or commands through relative path traversal, exploiting improper file path validation with CVSS 6.7 (high confidentiality, integrity, and availability impact). No public exploit code or active exploitation confirmed at time of analysis.

Fortinet Path Traversal
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-26155 MEDIUM PATCH Exploit Unlikely This Month

Microsoft Local Security Authority Subsystem Service (LSASS) information disclosure vulnerability allows authenticated network attackers to read sensitive memory contents via a bounds check bypass in the LSASS process. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2016, 2019, 2022, and 2025. No public exploit code or active exploitation has been reported; vendor-released patches are available across all affected versions.

Buffer Overflow Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-2582 MEDIUM This Month

Unauthenticated attackers can execute arbitrary WordPress shortcodes in the Germanized for WooCommerce plugin (all versions up to 3.20.5) via the 'account_holder' parameter, which bypasses shortcode validation in the do_shortcode() function. This enables remote code execution with medium severity (CVSS 6.5) affecting any WordPress site with the vulnerable plugin installed. No public exploit code or active exploitation has been confirmed at the time of analysis.

Code Injection RCE WordPress
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-32151 MEDIUM PATCH Exploit Unlikely This Month

Windows Shell information disclosure vulnerability (CVE-2026-32151) allows authenticated network attackers to read sensitive data without authorization. The vulnerability affects Windows 10 versions 1607-22H2, Windows 11 versions 22H3-26H1, Windows Server 2012-2025, and associated Server Core installations. Microsoft has released vendor patches for all affected versions; exploitation requires valid credentials and network access but no user interaction.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-27925 MEDIUM PATCH Exploit Unlikely This Month

Use-after-free memory corruption in Windows UPnP Device Host enables unauthenticated adjacent network attackers to disclose sensitive information with CVSS 6.5 high severity. The vulnerability affects Windows 10 (versions 1607, 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), and multiple Windows Server editions (2012 through 2025). Microsoft has released patches with specific version thresholds; exploitation requires network adjacency but no authentication or user interaction.

Denial Of Service Use After Free Memory Corruption Microsoft
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-22573 MEDIUM This Month

Fortinet FortiSOAR (both PaaS and on-premise versions 7.3-7.6.3) contains a path traversal vulnerability in File Content Extraction actions that allows authenticated remote attackers to read arbitrary files outside the intended directory with high confidentiality impact. The vulnerability requires valid credentials and is exploitable over the network with no user interaction; CVSS 6.5 reflects medium-to-high severity for a cloud security platform handling sensitive workflows.

Fortinet Path Traversal
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-32218 MEDIUM PATCH Exploit Unlikely This Month

Windows Kernel logs sensitive information that authenticated local users can read, enabling information disclosure on Windows 10 (versions 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2022, and Windows Server 2025. An attacker with local user privileges can access kernel log files to retrieve confidential data such as credentials, cryptographic material, or system secrets. Microsoft has released patches addressing this log injection vulnerability; no public exploit code or active exploitation has been confirmed.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-32217 MEDIUM PATCH Exploit Unlikely This Month

Windows Kernel logs sensitive information that can be read by local authenticated users, allowing information disclosure on Windows 10 and Windows 11 systems across multiple versions as well as Windows Server 2012 through 2025. The vulnerability requires local access and valid user credentials (privilege level L) but results in high confidentiality impact. Microsoft has released patches for all affected versions.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-32215 MEDIUM PATCH Exploit Unlikely This Month

Windows Kernel logs sensitive information that authenticated local users can read, enabling information disclosure on Windows 10 (versions 1809, 21H2, 22H2), Windows 11 (versions 22H3, 23H2, 24H2, 25H2, 26H1), Windows Server 2019, 2022, and 2025. An authorized local attacker with user-level privileges can access kernel log files to retrieve confidential data without elevated rights or user interaction. Microsoft has released patches addressing this CWE-532 insertion-of-sensitive-information vulnerability with specific build fixes across all affected editions.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-35034 MEDIUM PATCH This Month

Denial of service in Jellyfin versions prior to 10.11.7 allows authenticated users to exhaust server resources and crash the SyncPlay media synchronization service via the group creation endpoint (POST /SyncPlay/New) by submitting unbounded payload sizes. An attacker can lock out legitimate clients from accessing SyncPlay functionality and trigger out-of-memory conditions through insufficient input validation on group names and IDs. No public exploit code or active exploitation has been identified.

Denial Of Service Jellyfin
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-32079 MEDIUM PATCH This Month

Windows File Explorer information disclosure vulnerability in Windows 10 and Windows 11 allows authenticated local attackers to read sensitive files through a flaw in access control validation. CVSS 5.5 indicates moderate risk with confidentiality impact but no integrity or availability compromise. Patch available from Microsoft; no public exploit code or active exploitation confirmed at time of analysis.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-32085 MEDIUM PATCH This Month

Windows Remote Procedure Call (RPC) discloses sensitive information to local authenticated users in Windows 10, Windows 11, and Windows Server 2016-2025. An authorized attacker with local access and limited privileges can read confidential data without user interaction, affecting multiple Windows editions across a 9-year product span. Patch availability confirmed from Microsoft; no active exploitation reported.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-32081 MEDIUM PATCH This Month

Windows File Explorer information disclosure vulnerability in Windows 10 and Windows 11 allows authenticated local users to access sensitive information without authorization. The vulnerability affects multiple Windows 10 versions (1607, 1809, 21H2, 22H2), Windows 11 versions (22H3 through 26H1), and Windows Server 2016 through 2025. Microsoft has released patches addressing this CWE-200 information exposure flaw, with no evidence of active exploitation at the time of analysis.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-34264 MEDIUM This Month

SAP Human Capital Management for SAP S/4HANA allows authenticated users with low privileges to enumerate and guess sensitive information through specific authorization check messages, resulting in information disclosure beyond their authorized scope. The vulnerability affects SAP HCM across affected versions and requires low-privilege authenticated access to exploit, with a CVSS score of 6.5 reflecting high confidentiality impact but no integrity or availability compromise.

SAP Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34370 MEDIUM PATCH This Month

Chamilo LMS versions prior to 2.0.0-RC.3 allow authenticated students to read private course notes of any other user via an Insecure Direct Object Reference (IDOR) vulnerability in the notebook module's editnote action. An attacker can manipulate the notebook_id parameter to bypass ownership checks in the read path (get_note_information()), exposing note titles and HTML body content despite write-path protections existing in updateNote() and delete_note(). The vulnerability requires valid student credentials but impacts confidentiality of sensitive educational materials across the platform.

Authentication Bypass Chamilo Lms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-38533 MEDIUM This Month

An improper authorization vulnerability in the /api/v1/users/{id} endpoint of Snipe-IT v8.4.0 allows authenticated attackers with the users.edit permission to modify sensitive authentication and account-state fields of other non-admin users via supplying a crafted PUT request.

Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27679 MEDIUM This Month

SAP S/4HANA frontend OData Service (Manage Reference Structures) allows authenticated users to update and delete child entities without proper authorization checks, enabling privilege escalation and data integrity violations. The vulnerability requires valid user credentials but no special privileges, affecting systems running vulnerable S/4HANA versions. Attackers can exploit exposed OData endpoints to modify or remove reference structure data that should be protected from their access level.

SAP Authentication Bypass
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27678 MEDIUM This Month

SAP S/4HANA backend OData Service for Manage Reference Structures allows authenticated remote attackers to modify and delete child entities without proper authorization checks, compromising data integrity across reference data structures. The vulnerability requires valid user credentials but no elevated privileges, affecting organizations running vulnerable S/4HANA versions. CVSS 6.5 with confirmed patch availability via SAP Security Patch Day.

SAP Authentication Bypass
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-27677 MEDIUM This Month

SAP S/4HANA OData Service for Manage Reference Equipment lacks authorization checks, allowing authenticated users to modify and delete child entities without proper access controls. The vulnerability affects S/4HANA instances with the vulnerable OData service and requires low-privilege network access, resulting in high integrity impact but no confidentiality or availability risk. No public exploit code or active exploitation has been confirmed.

SAP Authentication Bypass
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-21742 MEDIUM This Month

Fortinet FortiSOAR (both PaaS and on-premise versions 7.3-7.6.x) transmits sensitive authentication credentials in cleartext in API responses for Secure Message Exchange and RADIUS configurations, allowing authenticated attackers with network access to intercept and view passwords. The vulnerability requires user interaction (UI:R) and prior authentication (PR:L), affecting confidentiality of stored credentials in these integrations with a CVSS score of 5.7.

Fortinet Information Disclosure Microsoft Fortisoar Paas Fortisoar On Premise
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34261 MEDIUM This Month

Missing authorization checks in SAP Business Analytics and SAP Content Management allow authenticated users to invoke unauthorized remote function module calls, enabling confidential data access beyond their assigned permissions. The vulnerability affects all versions of the product and carries a CVSS score of 6.5 with confirmed high confidentiality impact. No public exploit code or active exploitation has been reported at time of analysis.

SAP Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-30480 MEDIUM This Month

A Local File Inclusion (LFI) vulnerability in the NFSen module (nfsen.inc.php) of LibreNMS 22.11.0-23-gd091788f2 allows authenticated attackers to include arbitrary PHP files from the server filesystem via path traversal sequences in the nfsen parameter.

PHP LFI Path Traversal
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-53847 MEDIUM This Month

Fortinet FortiOS allows unauthenticated remote attackers to execute arbitrary code or commands on affected devices through specially crafted packets due to missing authentication controls on a critical function. This affects FortiOS versions 6.2.9 through 6.2.17, all 6.4.x versions, 7.0.0 through 7.0.17, 7.2.0 through 7.2.11, 7.4.0 through 7.4.8, and 7.6.0 through 7.6.3. With a CVSS score of 6.5 and an adjacent network attack vector, this represents a significant risk to FortiGate appliances accessible from local network segments. No public exploit code or active exploitation has been confirmed at time of analysis.

Fortinet Authentication Bypass
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-4059 MEDIUM This Month

Stored Cross-Site Scripting in ShopLentor WordPress plugin (versions up to 3.3.5) via the woolentor_quickview_button shortcode's button_text attribute allows authenticated attackers with Contributor-level access to inject arbitrary JavaScript that executes for all site visitors. The vulnerability stems from insufficient input sanitization and missing output escaping on user-supplied shortcode attributes. With a CVSS score of 6.4 and confirmed patch availability in version 3.3.6, this poses a moderate risk to WordPress installations using the plugin, particularly those with multiple contributor-level users.

XSS WordPress
NVD
CVSS 3.1
6.4
EPSS
0.0%
Prev Page 6 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy