Skip to main content
CVE-2026-31014 MEDIUM POC This Month

Cross-site request forgery (CSRF) in Dovestones AD Self Update versions before 4.0.0.5 allows unauthenticated attackers to modify authenticated user account information by crafting malicious requests that exploit missing CSRF token validation. The vulnerability affects state-changing endpoints that accept both POST and GET requests without proper anti-CSRF protections, enabling account takeover when a victim visits a malicious page while logged in. Publicly available exploit code exists.

CSRF
NVD GitHub
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-31013 MEDIUM POC This Month

Reflected cross-site scripting (XSS) in Dovestones ADPhonebook versions below 4.0.1.1 allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser via the search parameter of the /ADPhonebook?Department=HR endpoint. User input is reflected without proper encoding. Publicly available exploit code exists, though CISA KEV status is not confirmed, and CVSS 6.1 with UI:R indicates user interaction is required for successful exploitation.

XSS
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-41456 MEDIUM POC PATCH This Month

Reflected cross-site scripting in Bludit CMS search plugin allows unauthenticated attackers to inject arbitrary JavaScript through malicious search queries. When users visit attacker-crafted URLs containing the XSS payload, malicious scripts execute in their browsers, enabling session cookie theft and actions performed on behalf of victims. Publicly available exploit code exists; patch available via commit 6732dde.

XSS Bludit
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2026-1354 MEDIUM CISA This Month

Zero Motorcycles firmware versions 44 and prior enable an attacker to forcibly pair a device with the motorcycle via Bluetooth. Once paired, an attacker can utilize over-the-air firmware updating functionality to potentially upload malicious firmware to the motorcycle. The motorcycle must first be in Bluetooth pairing mode, and the attacker must be in proximity of the vehicle and understand the full pairing process, to be able to pair their device with the vehicle. The attacker's device must remain paired with and in proximity of the motorcycle for the entire duration of the firmware update.

Information Disclosure Zero Motorcycles Firmware
NVD GitHub
CVSS 4.0
5.9
EPSS
0.0%
CVE-2026-40895 MEDIUM PATCH This Month

follow-redirects is an open source, drop-in replacement for Node's `http` and `https` modules that automatically follows redirects. Prior to 1.16.0, when an HTTP request follows a cross-domain redirect (301/302/307/308), follow-redirects only strips authorization, proxy-authorization, and cookie headers (matched by regex at index.js). Any custom authentication header (e.g., X-API-Key, X-Auth-Token, Api-Key, Token) is forwarded verbatim to the redirect target. This vulnerability is fixed in 1.16.0.

Information Disclosure Follow Redirects
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-40584 MEDIUM PATCH This Month

RansomLook versions prior to 1.9.0 disclose non-public location information through an improper list-filtering logic error in the API layer. The vulnerability stems from removing elements from a list during iteration in website/web/api/genericapi.py, causing entries marked as private to persist in API responses. Unauthenticated remote attackers can retrieve sensitive location data that should remain hidden, with CVSS 6.9 indicating low confidentiality impact across the network.

Information Disclosure Ransomlook
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-40343 MEDIUM GHSA This Month

Fail-open request handling in free5GC UDR's POST /nudr-dr/v2/policy-data/subs-to-notify endpoint allows Policy Data notification subscriptions to be created with invalid, empty, or partially processed input after HTTP body read or deserialization failures. The handler fails to return after sending error responses (HTTP 500 for body read failure, HTTP 400 for deserialization failure), causing execution to continue and invoke the subscription processor with an uninitialized or malformed PolicyDataSubscription object. This is a logic flaw rather than memory corruption or remote code execution, but it violates fail-secure design principles for a write-capable API and may result in inconsistent subscription state or unintended database entries depending on downstream validation behavior.

Deserialization
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-41331 MEDIUM PATCH This Month

OpenClaw before version 2026.3.31 allows unauthenticated remote attackers to trigger resource-intensive audio transcription processing via Telegram without proper authorization, enabling denial-of-service through billing or infrastructure exhaustion. The vulnerability stems from insufficient allowlist enforcement that permits unauthorized group senders to initiate preflight transcription operations before authentication is validated, and no public exploit code has been identified at the time of analysis.

Authentication Bypass Openclaw
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-41300 MEDIUM PATCH This Month

OpenClaw before version 2026.3.31 fails to properly invalidate attacker-discovered endpoints during trust decline operations in remote onboarding workflows, allowing attackers to route gateway credentials to malicious endpoints by preserving their URLs through the trust decline process into manual operator acceptance prompts. The vulnerability requires user interaction (UI:A) but affects gateway credential confidentiality (VC:H), posing a significant risk to organizations using OpenClaw's remote onboarding feature with CVSS 6.9 (medium-high severity).

Information Disclosure Openclaw
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-40944 MEDIUM PATCH GHSA This Month

Oxia is a metadata store and coordination system. Prior to 0.16.2, the trustedCertPool() function in the TLS configuration only parses the first PEM block from CA certificate files. When a CA bundle contains multiple certificates (e.g., intermediate + root CA), only the first certificate is loaded. This silently breaks certificate chain validation for mTLS. This vulnerability is fixed in 0.16.2.

Information Disclosure Oxia
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-41301 MEDIUM PATCH This Month

OpenClaw 2026.3.22 through 2026.3.30 contain a signature verification bypass in the Nostr direct message (DM) ingress handler that processes pairing challenges before validating event signatures. Remote unauthenticated attackers can send forged DMs to create bogus pending pairing entries, exhaust shared pairing capacity, and trigger unbounded relay and logging work on the Nostr channel, causing denial of service. No public exploit code or active exploitation has been confirmed; a vendor patch is available in version 2026.3.31 and later.

Authentication Bypass Jwt Attack
NVD GitHub
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-41527 MEDIUM PATCH This Month

KDE Kleopatra before 26.08.0 on Windows allows local users to obtain the privileges of a Kleopatra user, because there is an error in the mechanism (KUniqueService) for ensuring that only one instance is running.

Information Disclosure Microsoft
NVD GitHub
CVSS 3.1
6.9
EPSS
0.0%
CVE-2026-34314 MEDIUM This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Analytical Applications Infrastructure accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-40939 MEDIUM This Month

The Data Sharing Framework (DSF) implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired. This vulnerability is fixed in 2.1.0.

Information Disclosure Dsf Dsf Bpe Server Dsf Common Jetty Dsf Fhir Server
NVD GitHub
CVSS 4.0
6.8
EPSS
0.0%
CVE-2026-34325 MEDIUM This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Financial Services Analytical Applications Infrastructure executes to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Analytical Applications Infrastructure accessible data as well as unauthorized update, insert or delete access to some of Oracle Financial Services Analytical Applications Infrastructure accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Financial Services Analytical Applications Infrastructure. CVSS 3.1 Base Score 6.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-26274 MEDIUM PATCH GHSA This Month

October CMS versions prior to 3.7.14 and 4.1.10 allow backend developers with Developer permissions to bypass Twig sandbox restrictions and execute unauthorized database write operations (insert, update, delete) via the query builder when cms.safe_mode is enabled. This privilege escalation vulnerability enables data manipulation on any database table despite sandbox security policies intended to restrict template functionality.

Information Disclosure October
NVD GitHub
CVSS 3.1
6.6
EPSS
0.1%
CVE-2026-34277 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. While the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L).

Denial Of Service Oracle Authentication Bypass
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2026-41062 MEDIUM This Month

WWBN AVideo is an open source video platform. In versions 29.0 and below, the directory traversal fix introduced in commit 2375eb5e0 for `objects/aVideoEncoderReceiveImage.json.php` only checks the URL path component (via `parse_url($url, PHP_URL_PATH)`) for `..` sequences. However, the downstream function `try_get_contents_from_local()` in `objects/functionsFile.php` uses `explode('/videos/', $url)` on the **full URL string** including the query string. An attacker can place the `/videos/../../` traversal payload in the query string to bypass the security check and read arbitrary files from the server filesystem. Commit bd11c16ec894698e54e2cdae25026c61ad1ed441 contains an updated fix.

PHP Path Traversal
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-6770 MEDIUM PATCH This Month

Information disclosure in Firefox's IndexedDB storage component allows remote unauthenticated attackers to leak sensitive data through a network-accessible vulnerability with no user interaction required. Affected versions include Firefox prior to 150 and Firefox ESR prior to 140.10. The vulnerability has a CVSS score of 6.5 reflecting moderate severity with confidentiality impact and limited availability risk.

Information Disclosure Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-6764 MEDIUM PATCH This Month

Incorrect boundary conditions in the DOM: Device Interfaces component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Mozilla Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-40910 MEDIUM PATCH This Month

frp is a fast reverse proxy. From 0.43.0 to 0.68.0, frp contains an authentication bypass in the HTTP vhost routing path when routeByHTTPUser is used as part of access control. In proxy-style requests, the routing logic uses the username from Proxy-Authorization to select the routeByHTTPUser backend, while the access control check uses credentials from the regular Authorization header. As a result, an attacker who can reach the HTTP vhost entrypoint and knows or can guess the protected routeByHTTPUser value may access a backend protected by httpUser / httpPassword even with an incorrect Proxy-Authorization password. This issue affects deployments that explicitly use routeByHTTPUser. It does not affect ordinary HTTP proxies that do not use this feature. This vulnerability is fixed in 0.68.1.

Authentication Bypass Frp
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-1089 MEDIUM PATCH This Month

User-controlled HTTP headers in Fortra GoAnywhere MFT prior to version 7.10.0 enable remote unauthenticated attackers to trigger arbitrary DNS lookups and execute DNS rebinding attacks, leading to information disclosure and potential service degradation. The vulnerability exploits improper handling of attacker-supplied header values in network requests, allowing reconnaissance of internal infrastructure and circumvention of network segmentation controls.

Information Disclosure Goanywhere Mft
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-40924 MEDIUM PATCH GHSA This Month

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Prior to 1.11.1, the HTTP resolver's FetchHttpResource function calls io.ReadAll(resp.Body) with no response body size limit. Any tenant with permission to create TaskRuns or PipelineRuns that reference the HTTP resolver can point it at an attacker-controlled HTTP server that returns a very large response body within the 1-minute timeout window, causing the tekton-pipelines-resolvers pod to be OOM-killed by Kubernetes. Because all resolver types (Git, Hub, Bundle, Cluster, HTTP) run in the same pod, crashing this pod denies resolution service to the entire cluster. Repeated exploitation causes a sustained crash loop. The same vulnerable code path is reached by both the deprecated pkg/resolution/resolver/http and the current pkg/remoteresolution/resolver/http implementations. This vulnerability is fixed in 1.11.1.

Denial Of Service Kubernetes Suse Red Hat
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34308 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34303 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34276 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34272 MEDIUM This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34271 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34270 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Group Replication Plugin). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-22017 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-22009 MEDIUM PATCH This Month

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Denial Of Service Oracle Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-6763 MEDIUM PATCH This Month

Mitigation bypass in the File Handling component. This vulnerability was fixed in Firefox 150 and Firefox ESR 140.10.

Authentication Bypass Mozilla Red Hat Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-39378 MEDIUM PATCH GHSA This Month

Jupyter nbconvert 6.5 through 7.17.0 allows unauthenticated remote attackers to read arbitrary files from the conversion host when HTMLExporter.embed_images is enabled, by embedding malicious image references with path traversal sequences in a crafted notebook. A malicious actor can exfiltrate sensitive files as base64-encoded data URIs in the output HTML, achieving confidentiality breach with no integrity or availability impact. Vendor-released patch: version 7.17.1.

Path Traversal Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-41320 MEDIUM PATCH This Month

Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.54.0 and 14.38.1, a specially crafted request made to a certain endpoint could result in SQL injection, allowing an attacker to extract information they wouldn't otherwise be able to. Versions 15.54.0 and 14.38.1 contain a patch. No known workarounds are available.

SQLi Hrms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34313 MEDIUM This Month

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.9, 8.0.8.7 and 8.1.2.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Authentication Bypass Oracle Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34306 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN Project Costing product of Oracle PeopleSoft (component: Projects). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Project Costing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise FIN Project Costing accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34301 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Maintenance Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise FIN Maintenance Management accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34300 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN Contracts product of Oracle PeopleSoft (component: Contracts). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Contracts. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise FIN Contracts accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Authentication Bypass Oracle Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34299 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise FIN Maintenance Management product of Oracle PeopleSoft (component: Work Order Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise FIN Maintenance Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise FIN Maintenance Management accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34295 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component: Purchasing). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM Purchasing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise SCM Purchasing accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-39377 MEDIUM PATCH GHSA This Month

Arbitrary file write in Jupyter nbconvert 6.5 through 7.17.0 allows unauthenticated attackers to write files to arbitrary filesystem locations outside the intended output directory by crafting malicious cell attachment filenames in notebooks. The ExtractAttachmentsPreprocessor fails to sanitize attachment filenames, enabling path traversal that provides full control over destination paths and file extensions. Requires user interaction (opening a malicious notebook) and is patched in version 7.17.1.

Path Traversal Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34315 MEDIUM This Month

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-40888 MEDIUM PATCH This Month

Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.1 and 16.4.1, an authenticated user with default role can access unauthorized information by exploiting certain api endpoint. Versions 15.58.1 and 16.4.1 contain a patch. No known workarounds are available.

Authentication Bypass Hrms
NVD GitHub
CVSS 3.0
6.5
EPSS
0.0%
CVE-2026-25542 MEDIUM PATCH GHSA This Month

Tekton Pipelines 0.43.0 through 1.11.0 allows authenticated attackers to bypass trusted resource verification policies via unanchored regular expression patterns that match substrings rather than exact resource sources, enabling policy manipulation and unauthorized verification mode changes. The vulnerability stems from Go's regexp.MatchString function matching patterns anywhere within a string rather than requiring full anchoring, permitting attackers to craft source URIs containing trusted patterns as substrings to trigger unintended policy matches and potentially apply weaker verification keys or modes.

Authentication Bypass Kubernetes
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34324 MEDIUM This Month

Vulnerability in the Oracle Life Sciences InForm product of Oracle Life Science Applications (component: App Server). Supported versions that are affected are 7.0.1.0 and 7.0.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Life Sciences InForm. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Life Sciences InForm accessible data as well as unauthorized read access to a subset of Oracle Life Sciences InForm accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34280 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Job Profile Manager). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Human Resources. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all PeopleSoft Enterprise HCM Human Resources accessible data as well as unauthorized access to critical data or complete access to all PeopleSoft Enterprise HCM Human Resources accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-34266 MEDIUM This Month

Vulnerability in the PeopleSoft Enterprise HCM Absence Management product of Oracle PeopleSoft (component: Absence Management). The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Absence Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all PeopleSoft Enterprise HCM Absence Management accessible data as well as unauthorized access to critical data or complete access to all PeopleSoft Enterprise HCM Absence Management accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N).

Authentication Bypass Oracle
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-40907 MEDIUM This Month

WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint `plugin/Live/view/Live_restreams/list.json.php` contains an Insecure Direct Object Reference (IDOR) vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream configurations, including third-party platform stream keys and OAuth tokens (access_token, refresh_token) for services like YouTube Live, Facebook Live, and Twitch. Commit d5992fff2811df4adad1d9fc7d0a5837b882aed7 fixes the issue.

PHP Authentication Bypass
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-40889 MEDIUM PATCH This Month

Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.2 and 16.4.2, authenticated users can access unauthorized files by exploiting certain api endpoint. Versions 15.58.2 and 16.4.2 contain a patch. No known workarounds are available.

Authentication Bypass Hrms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-6674 MEDIUM This Month

SQL injection in the CMS für Motorrad Werkstätten WordPress plugin (versions up to 1.0.0) allows authenticated attackers with subscriber-level privileges to extract sensitive database information via an unsanitized 'arttype' parameter. The vulnerability requires valid WordPress user credentials but no special configuration, making it exploitable against any WordPress installation running the affected plugin. No public exploit code or active exploitation has been identified at the time of analysis.

WordPress SQLi
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy