Skip to main content
CVE-2026-6654 MEDIUM PATCH GHSA This Month

Double-free and use-after-free vulnerability in Mozilla's thin_vec Rust crate allows local attackers to read sensitive memory via panic-induced length corruption in IntoIter::drop and ThinVec::clear functions. The vulnerability occurs when a panic in ptr::drop_in_place fails to reset the vector length to zero, leaving dangling pointers accessible to subsequent operations. Affected applications linking thin_vec versions prior to the patched release face local information disclosure risk with low real-world exploitation probability (EPSS 0.02%).

Information Disclosure Thin Vec
NVD GitHub VulDB
CVSS 3.1
5.1
EPSS
0.0%
CVE-2025-13480 MEDIUM This Month

Fudo Enterprise versions 5.5.0 through 5.6.2 permit low-privileged users to access administrator-only API endpoints, exposing sensitive system logs and configuration data due to improper authorization controls. Authenticated attackers with minimal privileges can escalate access to protected resources without additional user interaction. The vulnerability has been patched in version 5.6.3.

Authentication Bypass Fudo Enterprise
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-25525 MEDIUM PATCH GHSA This Month

OpenMage LTS Dataflow module prior to version 20.17.0 allows authenticated administrators to read arbitrary files via a bypassable path traversal filter that uses simple string replacement (`str_replace('../', '', $input)`). Attackers can circumvent the blacklist by using nested patterns like `..././` or `....//` which resolve to valid `../` sequences after filtering. Remote administrative access is required, but the high confidentiality impact and confirmed patch availability make immediate patching necessary for affected deployments.

Adobe Path Traversal
NVD GitHub VulDB
CVSS 3.1
4.9
EPSS
0.0%
CVE-2026-23753 MEDIUM PATCH This Month

GFI HelpDesk before version 4.99.9 contains a stored cross-site scripting vulnerability in language management where the charset POST parameter is not HTML-sanitized before being rendered by the View_Language.RenderGrid() function. An authenticated administrator can inject arbitrary JavaScript through the charset field when creating or editing a language, with the payload executing in the browsers of other administrators viewing the Languages page. This is a medium-risk vulnerability limited to authenticated administrators but affecting any admin viewer.

XSS Helpdesk
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-23752 MEDIUM PATCH This Month

GFI HelpDesk before version 4.99.9 allows authenticated administrators to inject stored cross-site scripting (XSS) payloads via the companyname parameter in template group creation and editing, with malicious scripts executing in the browsers of other administrators viewing the Templates > Groups page. The attack requires administrative credentials and user interaction (victim viewing the affected page), but succeeds against all administrator accounts with access to that interface.

XSS Helpdesk
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-5721 MEDIUM This Month

Stored Cross-Site Scripting in wpDataTables WordPress plugin (all versions up to 6.5.0.4) allows unauthenticated attackers to inject malicious scripts into data tables via insufficient input sanitization in LinkWDTColumn, ImageWDTColumn, and EmailWDTColumn classes. Exploitation requires an Administrator to import attacker-controlled data with affected column types configured, but once injected, the malicious script executes for all users viewing the infected page. No public exploit code or active exploitation confirmed at time of analysis.

XSS WordPress
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-3219 MEDIUM PATCH This Month

pip before version 26.1 incorrectly treats concatenated tar and ZIP archives as ZIP files regardless of filename, potentially installing unintended package contents when ambiguous archive formats are processed. Local attackers with user interaction can exploit this during package installation to cause integrity confusion, where an archive's actual contents diverge from its declared format. The vulnerability requires local access and user interaction (downloading/installing a crafted archive), limiting real-world impact to supply-chain scenarios or direct social engineering of pip users.

File Upload Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-6060 MEDIUM This Month

Uncontrolled resource consumption in OTRS admin interface SQL Box causes denial of service against the webserver, affecting OTRS 7.0.x, 8.0.x, 2023.x, 2024.x, 2025.x, and 2026.x before 2026.3. The vulnerability requires high-privilege admin access and user interaction, limiting real-world impact to authenticated administrators performing deliberate actions. No public exploit code or active exploitation has been identified.

Denial Of Service Suse
NVD VulDB
CVSS 3.1
4.5
EPSS
0.0%
CVE-2026-41282 MEDIUM PATCH This Month

DSL expression injection in ProjectDiscovery Nuclei before 3.8.0 allows remote code execution when using the -env-vars flag with multi-step templates against untrusted targets. An attacker can inject malicious expressions into environment variables that are evaluated as Nuclei DSL code, achieving arbitrary code execution with the privileges of the Nuclei process. This vulnerability requires non-default configuration (explicit -env-vars usage) and high attack complexity, limiting real-world impact despite the RCE tag.

Code Injection RCE Nuclei
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-0930 LOW PATCH Monitor

Out-of-bounds read in wolfSSHd on Windows allows authenticated users to leak adjacent stack memory via malformed terminal resize requests, exposing sensitive data through pseudo-console output. Affects wolfSSH versions prior to 1.5.0. CVSS score of 2.3 reflects low severity due to authentication requirement and limited confidentiality impact; vendor patch available.

Microsoft Buffer Overflow
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-22051 LOW PATCH Monitor

StorageGRID versions before 11.9.0.13 and 12.0.0.6 allow authenticated attackers with low privileges to execute arbitrary metrics queries, exposing metric data they lack authorization to access. The vulnerability requires low-privilege authentication and specific timing conditions but poses direct information disclosure risk in multi-tenant or role-restricted deployments where metric visibility should be compartmentalized.

Information Disclosure Storagegrid Formerly Storagegrid Webscale
NVD VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-6586 LOW Monitor

Remote authentication bypass in TransformerOptimus SuperAGI budget endpoints (versions up to 0.0.14) allows authenticated users to manipulate budget settings without proper authorization checks, potentially enabling unauthorized modification of financial controls. The vulnerability affects the get_budget and update_budget functions in superagi/controllers/budget.py and has publicly available exploit code. The vendor did not respond to early disclosure attempts.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-5958 LOW PATCH Monitor

GNU sed with -i (in-place edit) and --follow-symlinks options is vulnerable to a time-of-check-time-of-use (TOCTOU) race condition that allows local attackers to overwrite arbitrary files with attacker-controlled content. An attacker can atomically replace a symlink target between sed's symlink resolution and file open operations, causing sed to read from an attacker-chosen file while writing output to an unintended location. The vulnerability affects sed versions prior to 4.10 and requires precise timing on the same filesystem, resulting in a CVSS score of 2.1 due to low attack complexity but limited practical exploitation window.

Information Disclosure Sed
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy