Skip to main content
CVE-2026-40901 HIGH PATCH This Week

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the application, deserializes job data BLOBs from the qrtz_job_details table using ObjectInputStream with no deserialization filter or class allowlist. An authenticated attacker who can write to the Quartz job table, such as through the previously described SQL injection in previewSql, can replace a scheduled job's JOB_DATA with a malicious CommonsCollections6 gadget chain payload. When the Quartz cron trigger fires, the payload is deserialized and executes arbitrary commands as root inside the container, achieving full remote code execution. This issue has been fixed in version 2.10.21.

Deserialization SQLi RCE Dataease
NVD GitHub
CVSS 4.0
7.5
EPSS
0.4%
CVE-2026-3489 HIGH This Week

The DirectoryPress - Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions up to, and including, 3.6.26 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

WordPress SQLi
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-30656 HIGH PATCH This Week

A NULL pointer dereference vulnerability exists in fio (Flexible I/O Tester) v3.41 when parsing job files containing the fdp_pli option. The callback function str_fdp_pli_cb() does not validate the input pointer and calls strdup() on a NULL value when the option is specified without an argument. This results in a segmentation fault and process crash.

Null Pointer Dereference Denial Of Service Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-40303 HIGH PATCH GHSA This Week

**Summary** endpoints.GetSessionCookie parses an attacker-supplied cookie chunk count and calls make([]string, count) with no upper bound before any token validation occurs. The function is reached on every request to an OAuth-protected proxy share, allowing an unauthenticated remote attacker to trigger gigabyte-scale heap allocations per request, leading to process-level OOM termination or repeated goroutine panics. Both publicProxy and dynamicProxy are affected. - Attack Vector: Network - exploitable via a single HTTP request with a crafted Cookie header. - Attack Complexity: Low - no preconditions or chaining required; the attacker only needs to know the cookie name (publicly derivable from any OAuth redirect). - Privileges Required: None - reached before JWT validation or any authentication check. - User Interaction: None. - Scope: Unchanged - impact is confined to the affected proxy process. - Confidentiality Impact: None. - Integrity Impact: None. Availability Impact: High - sustained or concurrent requests cause OOM process termination, taking down the proxy for all users of all shares it serves. **Affected Components** - endpoints/oauthCookies.go - GetSessionCookie (line 81) - endpoints/publicProxy/authOAuth.go - handleOAuth (line 50) - call site, pre-auth - endpoints/dynamicProxy/cookies.go - getSessionCookie (line 29) - call site

Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-40170 HIGH PATCH This Week

ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog is enabled, a remote peer can send sufficiently large transport parameters during the QUIC handshake to cause writes beyond the buffer boundary, resulting in a stack buffer overflow. This affects deployments that enable the qlog callback and process untrusted peer transport parameters. This issue has been fixed in version 1.22.1. If developers are unable to immediately upgrade, they can disable the qlog on client.

Stack Overflow Buffer Overflow Ngtcp2
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-3599 HIGH This Week

SQL injection in Riaxe Product Customizer for WordPress (all versions ≤2.1.2) allows unauthenticated remote attackers to extract sensitive database contents via crafted REST API requests. The vulnerability exists in the /wp-json/InkXEProductDesignerLite/add-item-to-cart endpoint where the 'options' parameter keys within 'product_data' lack proper SQL escaping. CVSS 7.5 (High) with attack vector network/low complexity/no authentication required. Wordfence discovery indicates active researcher attention. No CISA KEV listing or public exploit code identified at time of analysis, but EPSS data unavailable for risk calibration.

WordPress SQLi
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-31987 HIGH PATCH GHSA This Week

Apache Airflow 3.0.0 through 3.1.x exposes JWT authentication tokens in application logs, allowing any authenticated UI user with log access to escalate privileges and impersonate DAG Authors. CVSS rates this 7.5 HIGH for confidentiality impact, though the EPSS score of 0.02% (5th percentile) suggests minimal observed exploitation attempts. No active exploitation is confirmed; vendor patch available in version 3.2.0 released April 2026.

Information Disclosure Apache Airflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-5050 HIGH This Week

Signature validation bypass in Redsys payment gateway plugin (WooCommerce) allows remote attackers to mark unpaid orders as completed without actual payment. Unauthenticated attackers who obtain a valid order key and amount can forge payment callbacks across Redsys, Bizum, and Google Pay flows, enabling fraudulent order fulfillment. Affects versions ≤7.0.0 of 'Payment Gateway for Redsys & WooCommerce Lite' WordPress plugin. CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) indicates trivial remote exploitation, though EPSS data unavailable. No CISA KEV listing or public POC identified at time of analysis. Vendor patch released in changeset 3501998.

Information Disclosure Jwt Attack WordPress Google
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-2374 HIGH PATCH This Week

The XML parsers within multiple WSO2 products accept user-supplied XML data without properly configuring to prevent the resolution of external entities. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Denial Of Service Wso2 Api Manager Wso2 Identity Server Wso2 Open Banking Am +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33804 HIGH PATCH GHSA This Week

@fastify/middie versions 9.3.1 and earlier are vulnerable to middleware bypass when the deprecated Fastify ignoreDuplicateSlashes option is enabled. The middleware path matching logic does not account for duplicate slash normalization performed by Fastify's router, allowing requests with duplicate slashes to bypass middleware authentication and authorization checks. This only affects applications using the deprecated ignoreDuplicateSlashes option. Upgrade to @fastify/middie 9.3.2 to fix this issue. There are no workarounds other than disabling the ignoreDuplicateSlashes option.

Authentication Bypass Fastify Middie
NVD GitHub VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-41015 HIGH PATCH This Week

Command injection in radare2's rabin2 PDB parser allows local attackers to execute arbitrary commands when the tool is compiled without SSL support on UNIX systems. The vulnerability (CWE-78) affected a narrow window between commits 01ca2f6 and 9236f44 (post-6.1.2, pre-6.1.3), spanning less than one week in the development timeline. CVSS 7.4 (HIGH) reflects local attack vector with high complexity but no authentication required. No active exploitation confirmed (not in CISA KEV), though publicly available exploit code exists. EPSS data not provided. Fixed in commit 9236f44a28 per GitHub PR #25651.

Command Injection Suse
NVD GitHub VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-37337 HIGH This Week

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php.

PHP SQLi
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-37336 HIGH This Week

SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php.

PHP SQLi
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-23772 HIGH PATCH This Week

Local privilege escalation in Dell Storage Manager - Replay Manager for Microsoft Servers 8.0 allows low-privileged authenticated users to gain elevated privileges with high integrity and availability impact. Dell has released security advisory DSA-2026-058 with patches. The CVSS 7.3 (High) score reflects significant post-exploitation impact, though local access and existing authentication requirements limit initial attack surface. No active exploitation (CISA KEV) or public proof-of-concept code identified at time of analysis.

Privilege Escalation Dell Microsoft
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-3876 HIGH This Week

Stored Cross-Site Scripting in Prismatic WordPress plugin (all versions ≤3.7.3) allows unauthenticated remote attackers to inject malicious scripts via crafted comment submissions containing the 'prismatic_encoded' pseudo-shortcode. Vulnerable code in prismatic_decode function fails to sanitize user-supplied attributes. CVSS 7.2 with scope change (S:C) elevates impact beyond vulnerable component. EPSS data not available; no CISA KEV listing identified. Wordfence threat intelligence confirms vulnerability; patch released in version 3.7.4 per WordPress plugin repository changelog.

XSS WordPress
NVD VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-37344 HIGH This Week

SQL injection in SourceCodester Vehicle Parking Area Management System v1.0 allows authenticated administrators to execute arbitrary SQL commands via the /parking/manage_location.php endpoint. CVSS 7.2 indicates high-privilege requirement (PR:H) limiting exploitation to compromised admin accounts or insider threats. EPSS score of 0.01% (2nd percentile) suggests minimal observed exploitation activity. No CISA KEV listing indicates no confirmed active exploitation in enterprise environments.

PHP SQLi
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-37343 HIGH This Week

SQL injection in SourceCodester Vehicle Parking Area Management System v1.0 allows authenticated high-privilege users to execute arbitrary SQL queries via the /parking/manage_user.php endpoint. CVSS 7.2 with network vector but requires high-privilege authentication (PR:H), significantly limiting attack surface. EPSS probability is very low (0.01%, 2nd percentile), indicating minimal observed exploitation activity. No CISA KEV listing or public POC confirmation, though a technical writeup exists in GitHub repository mt-0505/cve-report.

PHP SQLi
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-37342 HIGH This Week

SQL injection in SourceCodester Vehicle Parking Area Management System v1.0 allows authenticated high-privilege users to execute arbitrary SQL commands via the /parking/view_parked_details.php endpoint. The vulnerability requires administrative credentials (CVSS PR:H) but enables full database compromise once authenticated. EPSS score of 0.01% (2nd percentile) indicates minimal observed exploitation activity. A public proof-of-concept exists on GitHub, lowering the technical barrier for authenticated attackers.

PHP SQLi
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-37341 HIGH This Week

SQL injection in SourceCodester Vehicle Parking Area Management System v1.0 allows high-privileged authenticated attackers to execute arbitrary SQL commands via the /parking/manage_category.php endpoint, enabling complete database compromise. EPSS score of 0.01% (2nd percentile) indicates minimal observed exploitation activity. Proof-of-concept exploit code is publicly available on GitHub, lowering the barrier for authenticated attackers with administrative access.

PHP SQLi
NVD GitHub
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-6409 HIGH PATCH GHSA This Week

A Denial of Service (DoS) vulnerability exists in the Protobuf PHP library during the parsing of untrusted input. Maliciously structured messages-specifically those containing negative varints or deep recursion-can be used to crash the application, impacting service availability.

PHP Denial Of Service
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-40503 HIGH PATCH This Week

Path traversal in OpenHarness allows authenticated gateway users with chat access to read arbitrary files on the server via the '/memory show' slash command. Affecting all versions prior to commit dd1d235, attackers can inject directory traversal sequences to escape the project memory directory and access any file readable by the OpenHarness process. CVSS 7.1 reflects high confidentiality impact with low-privilege network access. Vendor patch available via GitHub commit dd1d235450dd987b20bff01b7bfb02fe8620a0af. No public exploit identified at time of analysis, EPSS data unavailable.

Path Traversal Openharness
NVD GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-30459 HIGH This Week

An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message.

Information Disclosure N A
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-54502 HIGH This Week

Incorrect use of boot service in the AMD Platform Configuration Blob (APCB) SMM driver could allow a privileged attacker with local access (Ring 0) to achieve privilege escalation potentially resulting in arbitrary code execution.

Privilege Escalation Information Disclosure RCE Amd Amd Epyc 9004 Series Processors +56
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-3861 HIGH PATCH This Week

LINE for iOS versions before 26.3.0 suffer from dialog-based denial-of-service through the in-app browser. A remote attacker can render an iOS device temporarily inoperable by crafting a malicious web page that triggers infinite OS-level dialog loops when opened in LINE's browser, requiring only that a user click a malicious link. EPSS exploitation probability is minimal (0.01%, 1st percentile) with no active exploitation confirmed. Vendor patch released in version 26.3.0, addressing CWE-451 (user interface misrepresentation).

Information Disclosure Apple Line Client For Ios
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-40253 MEDIUM PATCH This Month

openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library (asn1.c) accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them against actual buffer boundaries. All primitive decoders are affected: ber_decode_INTEGER, ber_decode_SEQUENCE, ber_decode_OCTET_STRING, ber_decode_BIT_STRING, and ber_decode_CHOICE. Additionally, ber_decode_INTEGER can produce integer underflows when the encoded length is zero. An attacker supplying a malformed BER-encoded cryptographic object through PKCS#11 operations such as C_CreateObject or C_UnwrapKey, token loading from disk, or remote backend communication can trigger out-of-bounds reads. This affects all token backends (Soft, ICA, CCA, TPM, EP11, ICSF) since the vulnerable code is in the shared common library. A patch is available thorugh commit ed378f463ef73364c89feb0fc923f4dc867332a3.

Information Disclosure Buffer Overflow Opencryptoki
NVD GitHub VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2025-43937 MEDIUM PATCH This Month

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

Information Disclosure Dell
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2026-22616 MEDIUM PATCH This Month

Eaton Intelligent Power Protector (IPP) software allows brute-force credential attacks against the web interface login page due to missing rate-limiting controls, enabling remote attackers to enumerate valid credentials and gain unauthorized access without authentication. CVSS 6.5 reflects moderate confidentiality and integrity impact via network access. Eaton has released a patched version available from their download center.

Information Disclosure Ipp Software
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-37100 MEDIUM This Month

Yamaha SR-B30A sound bar firmware 2.40 allows remote attackers within Bluetooth Low Energy (BLE) radio range to connect to the device and modify settings without authentication via the Sound Bar Remote protocol. The vulnerability enables unauthenticated integrity compromise (modification of device configuration) but does not expose sensitive data or cause denial of service. This affects only devices within BLE proximity range, significantly limiting practical attack scope despite the moderate CVSS score.

Authentication Bypass N A
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-3773 MEDIUM This Month

SQL injection in Accessibility Suite by Ability, Inc WordPress plugin (versions up to 4.20) allows authenticated attackers with Subscriber-level access to extract sensitive database information via an unescaped 'scan_id' parameter. The vulnerability is unauthenticated remote network-accessible but requires low-privilege login credentials; no public exploit code or active exploitation has been identified at the time of analysis.

WordPress SQLi
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2840 MEDIUM This Month

The Email Encoder - Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eeb_mailto' shortcode in all versions up to, and including, 2.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

XSS WordPress
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-1572 MEDIUM This Month

Livemesh Addons for Elementor plugin versions up to 9.0 allow authenticated attackers with Subscriber-level access to inject arbitrary JavaScript via the plugin settings page through missing authorization checks on the AJAX handler lae_admin_ajax() and insufficient output escaping on checkbox fields. The injected scripts execute whenever an administrator accesses the settings page if the attacker obtains a valid nonce, which can be leaked due to improper access control on settings pages. This combination of authorization bypass and stored XSS affects all WordPress installations running the vulnerable plugin.

XSS WordPress Elementor
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-13364 MEDIUM This Month

Stored XSS in WP Maps plugin for WordPress allows authenticated contributors to inject malicious scripts via the 'put_wpgm' shortcode due to insufficient input sanitization and output escaping. Attackers with contributor-level access and above can craft malicious shortcode attributes that persist in page content and execute for all subsequent visitors. All versions up to 4.8.7 are affected; patched version 4.8.8 is available.

XSS WordPress Google
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-3875 MEDIUM This Month

Stored Cross-Site Scripting in BetterDocs WordPress plugin versions up to 4.3.8 allows authenticated attackers with contributor-level access to inject arbitrary JavaScript into pages via the 'betterdocs_feedback_form' shortcode due to insufficient input sanitization and output escaping. Injected scripts execute in the browsers of all users who view affected pages, enabling account compromise, credential theft, or malware distribution. No public exploit code or active exploitation has been identified at this time.

XSS WordPress Elementor
NVD VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-5070 MEDIUM This Month

Stored cross-site scripting in the Vantage WordPress theme up to version 1.20.32 allows authenticated contributors and higher-privileged users to inject malicious scripts into gallery block text content that execute for all site visitors. The vulnerability stems from insufficient output escaping in the gallery template, enabling attackers with contributor-level access to compromise page integrity and potentially steal session tokens or deface content.

XSS WordPress
NVD VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-3878 MEDIUM This Month

Stored Cross-Site Scripting (XSS) in WP Docs plugin for WordPress (all versions through 2.2.9) allows authenticated attackers with subscriber-level access to inject malicious scripts via the 'wpdocs_options[icon_size]' parameter due to insufficient input sanitization and output escaping. The injected scripts execute in the context of any user accessing the affected page, enabling session hijacking, credential theft, or malware distribution with no user interaction required beyond normal site browsing. No public exploit code has been identified, but the vulnerability is technically straightforward to exploit given valid subscriber credentials.

XSS WordPress
NVD VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-3885 MEDIUM This Month

Stored Cross-Site Scripting (XSS) in WP Shortcodes Plugin - Shortcodes Ultimate through version 7.4.9 allows authenticated contributors and above to inject arbitrary JavaScript into WordPress pages via the 'su_box' shortcode due to insufficient input sanitization and output escaping. The injected scripts execute in the context of all users who access the affected pages, potentially compromising site visitors' sessions and data. No public exploit code has been identified at the time of analysis, though the vulnerability is straightforward to reproduce and weaponize.

XSS WordPress
NVD VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-3299 MEDIUM This Month

Stored Cross-Site Scripting in WP YouTube Lyte plugin for WordPress versions up to 1.7.29 allows authenticated contributors and above to inject arbitrary JavaScript via the 'lyte' shortcode due to insufficient input sanitization and output escaping. Injected scripts execute in the browsers of all users viewing affected pages. No public exploit code or active exploitation has been confirmed at time of analysis; patch is available in version 1.7.30 and later.

XSS WordPress
NVD
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-41030 MEDIUM PATCH This Month

ONLYOFFICE DesktopEditors versions before 9.3.0 allow local attackers to perform arbitrary file operations with SYSTEM privileges via the update service, resulting in denial of service through resource exhaustion or file manipulation. The vulnerability requires local access and operates without user interaction, making it a significant privilege-escalation risk in multi-user or compromised-account scenarios.

Information Disclosure Onlyoffice Desktopeditors
NVD GitHub VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2024-10242 MEDIUM PATCH This Month

The authentication endpoint fails to adequately validate user-supplied input before reflecting it back in the response. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Wso2 Api Manager
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-6024 MEDIUM PATCH This Month

The authentication endpoint fails to encode user-supplied input before rendering it in the web page, allowing for script injection. An attacker can leverage this by injecting malicious scripts into the authentication endpoint. This can result in the user's browser being redirected to a malicious website, manipulation of the web page's user interface, or the retrieval of information from the browser. However, session hijacking is not possible due to the httpOnly flag protecting session-related cookies.

XSS Wso2 Api Manager Wso2 Identity Server
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-3355 MEDIUM This Month

Reflected Cross-Site Scripting in Customer Reviews for WooCommerce plugin allows unauthenticated attackers to inject arbitrary JavaScript via the unescaped 'crsearch' parameter, affecting all versions up to 5.101.0. Exploitation requires social engineering (victim must click a malicious link), but successful attacks can steal session cookies, perform actions as the logged-in user, or redirect to phishing sites. No public exploit code or active exploitation has been identified, though the vulnerability is trivially reproducible given the simple parameter manipulation required.

XSS WordPress
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-4032 MEDIUM PATCH This Month

Stored Cross-Site Scripting (XSS) in CodeColorer plugin for WordPress versions up to 0.10.1 allows unauthenticated attackers to inject malicious JavaScript via the 'class' parameter in the 'cc' comment shortcode, which executes in the browsers of users viewing the affected page. Exploitation requires comments to be enabled and guest comments permitted on the target post. The vulnerability has a CVSS score of 6.1 with low complexity and no authentication required, but user interaction (visiting the affected page) is necessary for the payload to execute.

XSS WordPress
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-40302 MEDIUM PATCH GHSA This Month

{{ .Error }} in HTML without escaping - endpoints/publicProxy/providerGithub.go - login callback closure (lines 93, 128, 130) - endpoints/dynamicProxy/providerGithub.go - loginHandler() (lines 110, 146, 148)

XSS
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-12624 MEDIUM PATCH This Month

Active access tokens are not revoked or invalidated when a user account is locked within WSO2 Identity Server. This failure to enforce revocation allows previously issued, valid tokens to remain usable, enabling continued access to protected resources by locked user accounts. The security consequence is that a locked user account can maintain access to protected resources through the use of existing, unexpired access tokens. This creates a security gap where access control policies are bypassed, potentially leading to unauthorized data access or actions until the tokens naturally expire.

Authentication Bypass Wso2 Identity Server
NVD VulDB
CVSS 3.1
6.0
EPSS
0.0%
CVE-2026-22615 MEDIUM PATCH This Month

Eaton Intelligent Power Protector (IPP) software allows authenticated administrators with local system access to execute arbitrary commands via XML input validation bypass, requiring user interaction. The vulnerability impacts all versions of IPP software prior to the latest patched release available on Eaton's download center. CVSS score of 6.0 reflects high integrity and availability impact but is constrained by elevated privilege requirements and high attack complexity.

RCE Ipp Software
NVD VulDB
CVSS 3.1
6.0
EPSS
0.0%
CVE-2025-54510 MEDIUM This Month

Missing lock check in AMD Platform Security Processor in AMD EPYC™ 9005 Series CPUs allows a privileged attacker to potentially impact guest confidentiality via local access.

Information Disclosure Amd Red Hat
NVD VulDB
CVSS 4.0
5.9
EPSS
0.0%
CVE-2026-6414 MEDIUM PATCH GHSA This Month

@fastify/static versions 8.0.0 through 9.1.0 decode percent-encoded path separators (%2F) before filesystem resolution, while Fastify's router treats them as literal characters. This mismatch allows attackers to bypass route-based middleware or guards that protect files served by @fastify/static. For example, a route guard on a protected path can be circumvented by encoding the path separator in the URL. Upgrade to @fastify/static 9.1.1 to fix this issue. There are no workarounds.

Authentication Bypass Fastify Static
NVD GitHub
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-22618 MEDIUM PATCH This Month

Insecure HTTP response header configuration in Eaton Intelligent Power Protector (IPP) software enables attackers to perform web-based attacks including information disclosure and content modification. The vulnerability requires network access, unusual attack complexity, and user interaction (CVSS AV:N/AC:H/PR:N/UI:R), affecting all versions of IPP software prior to the patched release. No public exploit code or active exploitation has been identified at time of analysis.

Information Disclosure Ipp Software
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-15621 MEDIUM This Month

Insufficiently Protected Credentials in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client does not verify the receiver of OAuth2 credentials during OpenID authentication

Information Disclosure Sparx Enterprise Architect
NVD VulDB
CVSS 4.0
5.7
EPSS
0.0%
CVE-2026-22617 MEDIUM PATCH This Month

Eaton Intelligent Power Protector (IPP) software uses insecure cookie configuration that allows network attackers to intercept session cookies via man-in-the-middle attack when high-privilege users interact with the application. CVSS 5.7 reflects the requirement for high privileges and user interaction, combined with high confidentiality and integrity impact. Eaton has released a patched version available on their download center.

Information Disclosure Ipp Software
NVD
CVSS 3.1
5.7
EPSS
0.0%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy