Skip to main content
CVE-2026-33594 MEDIUM PATCH This Month

dnsdist can be forced into excessive memory allocation when a client generates high volumes of DNS queries routed to an overloaded DNS-over-HTTPS (DoH) backend, causing queries to accumulate in an unbounded buffer that persists until connection closure. This denial-of-service condition affects dnsdist deployments with DoH backends under load, allowing unauthenticated remote attackers to exhaust server memory with sustained query traffic.

Denial Of Service Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33254 MEDIUM PATCH This Month

DNSdist allows remote attackers to create unlimited concurrent DoQ (DNS over QUIC) or DoH3 (DNS over HTTPS/3) connections, triggering unbounded memory allocation and denial of service. The vulnerability affects configurations where these protocols are explicitly enabled, as both are disabled by default. No authentication is required for exploitation, and CVSS 5.3 (AC:L, AV:N) indicates straightforward network-based triggering under default conditions.

Denial Of Service Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-33609 MEDIUM PATCH This Month

Incomplete LDAP query escaping in PowerDNS Authoritative with 8bit-dns enabled allows authenticated users to enumerate internal domain subtrees through LDAP injection, leading to information disclosure of sensitive DNS zone data. The vulnerability requires valid authentication, high attack complexity due to LDAP protocol constraints, and has been reported by the vendor security team. No active exploitation data is currently available.

Information Disclosure LDAP Code Injection Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-40451 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in DeepL Chrome browser extension versions 1.22.0 through 1.23.0 allows remote attackers to execute arbitrary JavaScript and inject malicious HTML into web pages viewed by users. The vulnerability requires user interaction with a malicious web page but can compromise the security context of all visited websites.

XSS Google Chrome Browser Extension
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-6835 MEDIUM This Month

Unauthenticated remote attackers can upload arbitrary files to any path in a+HCM developed by aEnrich, including executable HTML documents, enabling cross-site scripting and potential server-side impacts. The vulnerability requires user interaction (UI:A) but allows unrestricted file placement with low scope and integrity impact. No patch version or active exploitation data is currently available.

XSS File Upload A Hcm
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-41131 MEDIUM PATCH GHSA This Month

OpenFGA versions prior to 1.14.1 suffer from a cache key collision vulnerability in conditional authorization models that enables attackers to obtain unauthorized access to resources by forcing reuse of cached authorization decisions. When conditions are evaluated with caching enabled, different check requests can generate identical cache keys, causing OpenFGA to incorrectly return a previously cached authorization result for a subsequent request with different parameters. This affects deployments using relational models with condition evaluation where caching is active, allowing authenticated users to bypass intended access controls and disclose information about resources they should not access.

Information Disclosure Red Hat
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-35372 MEDIUM PATCH This Month

The ln utility in uutils coreutils fails to honor the --no-dereference flag when the --force flag is not simultaneously enabled, allowing local attackers with low privileges to redirect symbolic link operations into unintended directories. An attacker can manipulate existing symlinks to cause a privileged user or system script running ln -n to create files in sensitive directories, leading to unauthorized file creation or system misconfiguration. CVSS score of 5.0 reflects local attack vector and low complexity; SSVC framework indicates non-automatable exploitation with partial technical impact.

Information Disclosure Coreutils
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-33259 MEDIUM PATCH This Month

PowerDNS Recursor versions 5.2.0-5.2.8, 5.3.0-5.3.5, and 5.4.0 suffer denial of service and potential data corruption when a malfunctioning RPZ provider causes concurrent transfers of the same RPZ zone, leading to use-after-free conditions, inconsistent zone data, and recursor crashes. The vulnerability requires high privilege attacker control over an RPZ provider and non-standard network conditions, resulting in availability and integrity impact with a CVSS score of 5.0.

Denial Of Service Use After Free Memory Corruption Suse
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-6845 MEDIUM PATCH This Month

The readelf utility in binutils is vulnerable to denial of service through null pointer dereference when processing specially crafted ELF files. A local attacker with limited privileges can trigger excessive resource consumption or program crashes by convincing a user to process a malicious ELF binary, affecting Red Hat Enterprise Linux 6, 7, 8, and 10. No public exploit code or active exploitation has been confirmed at this time.

Null Pointer Dereference Denial Of Service Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 +4
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-4919 MEDIUM PATCH This Month

Stored cross-site scripting (XSS) in IBM Guardium Data Protection 12.1 through 26.0.0.4 allows authenticated administrative users to inject arbitrary JavaScript into the Web UI, enabling credential theft and session hijacking of other administrators within a trusted session. The vulnerability requires administrative privileges and user interaction (clicking a malicious link or visiting a crafted page), limiting its scope but maintaining high impact for multi-admin environments. EPSS context and active exploitation status are not publicly confirmed at this time.

IBM XSS
NVD
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-41314 MEDIUM PATCH This Month

Denial of service via memory exhaustion in pypdf prior to 6.10.2 allows local attackers with user interaction to crash applications processing crafted PDF files containing FlateDecode-compressed images with inflated size values. The vulnerability exhausts available RAM during decompression, affecting any system using vulnerable pypdf versions to parse untrusted PDF documents.

Information Disclosure Python Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-41313 MEDIUM PATCH This Month

Denial of service via algorithmic complexity in pypdf versions prior to 6.10.2 allows local attackers to cause long runtimes by crafting a PDF with an excessively large trailer /Size value when loaded in incremental mode. The vulnerability requires user interaction to load the malicious PDF and results in availability degradation rather than data compromise. Patch version 6.10.2 is available from the vendor.

Information Disclosure Python Red Hat Suse
NVD GitHub
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-41312 MEDIUM PATCH This Month

Memory exhaustion in pypdf prior to 6.10.2 allows local attackers to craft malicious PDF files that exhaust system RAM when processed. The vulnerability requires user interaction to open a specially crafted PDF containing a /FlateDecode stream with a /Predictor value other than 1 and large predictor parameters. Vendor-released patch available in version 6.10.2.

Information Disclosure Python Red Hat Suse
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-33598 MEDIUM PATCH This Month

Out-of-bounds memory read in dnsdist allows remote attackers to trigger information disclosure or denial of service when custom Lua code invokes getDomainListByAddress() or getAddressListByDomain() functions on a crafted packet cache entry. The vulnerability requires network access but has high attack complexity, limiting real-world exploitation despite the remote attack vector.

Buffer Overflow Information Disclosure Suse
NVD VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-31523 MEDIUM PATCH This Month

Double completions in NVMe-PCI polled queue handling occur when a high-priority task attempts to poll a queue during kernel reset before block layer queue maps are updated, causing race conditions between interrupt-driven and polled I/O paths. Affects Linux kernel versions before 5.10.253, 5.15.203, 6.1.168, 6.6.131, 6.12.80, 6.18.21, 6.19.11, and 7.0-rc2, requiring local authentication and high attack complexity to trigger. No public exploit identified, but vendor-released patches are available across all affected stable and development branches.

Information Disclosure Linux Red Hat Suse
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-31466 MEDIUM PATCH This Month

A race condition in Linux kernel memory management causes folio objects to be accessed without proper locking during concurrent mega-transparent huge page (mTHP) splitting and zap operations on arm64, triggering a denial-of-service condition via VM_WARN_ON_ONCE() panic when the missing memory barrier allows CPU reordering to expose unlocked folio state. The vulnerability affects Linux kernel versions before 5.10.253, 5.15.203, 6.1.168, 6.6.134, 6.12.81, 6.18.21, 6.19.11, and 7.0 with EPSS score of 0.02% indicating low real-world exploitation likelihood despite moderate CVSS impact rating.

Huawei Race Condition Information Disclosure Linux
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-31456 MEDIUM PATCH This Month

A race condition in the Linux kernel's page table walking code (mm/pagewalk) allows local authenticated attackers to trigger a kernel panic (denial of service) by concurrent PUD splitting and refaulting operations. The vulnerability occurs when one thread is reading proc/[pid]/numa_maps while another thread (e.g., VFIO-PCI DMA setup) modifies the page table hierarchy, causing walk_pmd_range() to attempt walking a PMD range that no longer exists. The condition requires local access and a privileged operation (VFIO DMA pinning), but can reliably crash the kernel, affecting system availability.

Race Condition Information Disclosure Linux
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-35359 MEDIUM This Month

Time-of-Check to Time-of-Use (TOCTOU) vulnerability in uutils coreutils cp utility allows local attackers with write access to bypass no-dereference protections and read arbitrary sensitive files. The cp command checks symbolic link status via metadata but opens files without O_NOFOLLOW, permitting race condition exploitation where an attacker swaps a regular file for a symbolic link between check and use, causing a privileged cp process to copy sensitive file contents to attacker-controlled destinations. Publicly available exploit code exists; SSVC framework indicates partial technical impact with non-automatable exploitation.

Information Disclosure Coreutils
NVD GitHub
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-35354 MEDIUM This Month

Time-of-check-time-of-use (TOCTOU) vulnerability in uutils coreutils mv utility during cross-device file moves allows local attackers with directory write access to manipulate extended attributes (xattrs) on destination files by swapping files between sequential path-based system calls, potentially causing security labels like SELinux attributes or file capabilities to be applied inconsistently. CVSS 4.7 (local, high complexity) with confirmed vulnerability reported by Canonical; CISA SSVC assessment indicates non-automatable exploitation with partial technical impact.

Information Disclosure Coreutils
NVD GitHub
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-35357 MEDIUM This Month

The cp utility in uutils coreutils exposes sensitive file contents through a race condition where destination files are created with overly permissive umask-derived permissions before being restricted to their final restrictive mode. A local authenticated attacker can open the file during this narrow window to obtain a valid file descriptor that remains readable even after permissions are tightened, bypassing intended access controls. CVSS 4.7 with high confidentiality impact but limited exploitability due to high attack complexity and moderate SSVC rating.

Information Disclosure Coreutils
NVD GitHub
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-3837 MEDIUM This Month

Stored cross-site scripting (XSS) in Frappe 16.10.0 allows authenticated attackers with high privileges to inject malicious scripts into document fields, which execute in the browser of any user who subsequently opens the affected document in Desk. The vulnerability stems from unsafe HTML interpolation in multiple formatter implementations that fail to escape user-supplied values, enabling persistent client-side code execution with limited scope (low integrity/availability impact). CVSS 4.6 reflects the requirement for authenticated high-privilege access and user interaction, but the XSS vector represents a significant persistence and social engineering risk in collaborative document environments.

XSS Frappe
NVD GitHub VulDB
CVSS 4.0
4.6
EPSS
0.1%
CVE-2026-3673 MEDIUM This Month

Stored cross-site scripting (XSS) in Frappe 16.10.10 allows authenticated attackers with high privileges to inject malicious JavaScript via crafted tag values in the _user_tags field, which execute when victims open list or report views. The vulnerability stems from unescaped interpolation of tag content into HTML attributes and element content. Exploitation requires user interaction (victim must open affected view) and high-level authentication, but results in session hijacking or data theft with partial technical impact; CISA SSVC framework rates this as exploitable via proof-of-concept with partial technical impact.

XSS Frappe
NVD GitHub
CVSS 4.0
4.6
EPSS
0.1%
CVE-2026-35376 MEDIUM PATCH This Month

Time-of-Check to Time-of-Use (TOCTOU) race condition in the chcon utility of uutils coreutils allows local attackers with directory write access to redirect recursive security label operations to unintended files or directories via symbolic link or rename races, potentially compromising SELinux security controls. The vulnerability affects versions prior to 0.8.0 and requires low privileges and high attack complexity to exploit, making it a moderate-severity issue with partial technical impact.

Information Disclosure Coreutils
NVD GitHub
CVSS 3.1
4.5
EPSS
0.0%
CVE-2026-35347 MEDIUM PATCH GHSA This Month

The comm utility in uutils coreutils drains FIFO and pipe streams before performing file comparison due to premature data consumption in the are_files_identical function, causing silent data loss and potential indefinite hangs on infinite streams. Local authenticated users can trigger this vulnerability to corrupt or lose data in piped workflows, affecting the integrity of command-line data processing chains.

Information Disclosure Coreutils
NVD GitHub
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-4142 MEDIUM This Month

Stored cross-site scripting in the Sentence To SEO WordPress plugin (versions up to 1.0) allows authenticated administrators to inject arbitrary JavaScript into the plugin settings page via the 'Permanent keywords' field. The vulnerability stems from insufficient input sanitization and output escaping, enabling attackers to break out of a textarea element and inject malicious scripts that execute when other users access the settings page. This requires administrator-level privileges and does not affect unauthenticated users.

XSS WordPress PHP
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-33601 MEDIUM PATCH This Month

Denial of service in PowerDNS Recursor via null pointer dereference in the zoneToCache function when processing zone data from a malicious authoritative server. Affects Recursor 5.2.0 through 5.4.0 and requires high privileges and non-standard network conditions to exploit, resulting in service availability impact but not data compromise. Patch available from vendor.

Denial Of Service Null Pointer Dereference Suse
NVD VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-33600 MEDIUM PATCH This Month

Denial of service in PowerDNS Recursor occurs when processing a malicious Response Policy Zone (RPZ) from an authoritative server, triggering a null pointer dereference due to missing validation logic. Versions 5.2.0-5.2.8, 5.3.0-5.3.5, and 5.4.0 are affected. An authenticated remote attacker controlling an authoritative nameserver can crash the Recursor service by sending a specially crafted RPZ response, requiring high privilege level (PR:H) and complex attack conditions (AC:H) as mitigating factors.

Denial Of Service Null Pointer Dereference Suse
NVD VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-3362 MEDIUM This Month

Stored Cross-Site Scripting in Short Comment Filter WordPress plugin up to version 2.2 allows authenticated administrators to inject arbitrary JavaScript through the 'Minimum Count' settings field due to missing input sanitization and output escaping. The vulnerability affects all versions through 2.2 and has particular impact in WordPress multisite environments or when DISALLOW_UNFILTERED_HTML is configured, where administrators lack unfiltered_html capabilities. No public exploit code or active exploitation has been identified at the time of analysis.

XSS WordPress
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-35370 MEDIUM PATCH GHSA This Month

The id utility in uutils coreutils miscalculates group membership by using real GID instead of effective GID, causing output divergence from GNU coreutils and potentially enabling unauthorized access when scripts rely on id output for access-control decisions. Affects local users with privileges to execute the id command. Proof-of-concept code exists but no active exploitation in the wild has been confirmed.

Authentication Bypass Coreutils
NVD GitHub
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-35358 MEDIUM PATCH GHSA This Month

The cp utility in uutils coreutils versions before 0.7.0 incorrectly handles recursive copy operations (-R flag) by converting character and block device nodes into regular files instead of preserving them via mknod, destroying device semantics and enabling denial of service through disk exhaustion or process hangs when unbounded device nodes are copied.

Denial Of Service Coreutils
NVD GitHub
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-35366 MEDIUM POC PATCH GHSA This Month

The printenv utility in uutils coreutils versions before 0.6.0 silently omits environment variables containing invalid UTF-8 byte sequences, allowing adversarial environment variables such as malicious LD_PRELOAD values to evade inspection by administrators and security auditing tools. This evasion capability enables library injection and other environment-based attacks to bypass detection, affecting systems that rely on printenv for security auditing or environment validation. The vulnerability requires local access with unprivileged user privileges (PR:L) to exploit and carries a CVSS score of 4.4 with confirmed proof-of-concept availability.

Code Injection Coreutils
NVD GitHub
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-2719 MEDIUM This Month

Stored cross-site scripting in Private WP Suite plugin for WordPress through version 0.4.1 allows authenticated administrators to inject arbitrary JavaScript via the Exceptions setting, which executes in the browsers of any user accessing affected pages. The vulnerability requires high-privilege authenticated access and only manifests in multi-site installations or those with unfiltered_html disabled, limiting real-world exposure despite network-accessible attack vector.

XSS WordPress
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-2714 MEDIUM This Month

Stored Cross-Site Scripting in Institute Management plugin for WordPress up to version 5.5 allows authenticated administrators to inject arbitrary JavaScript via the 'Enquiry Form Title' setting, which executes when users access affected pages. The vulnerability is limited to multi-site WordPress installations or sites with unfiltered_html disabled. CVSS 4.4 reflects high privilege requirements (PR:H) and conditional scope (multi-site only), but the stored XSS nature and administrator access requirement make this a targeted insider threat rather than a broad attack surface.

XSS WordPress
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-6041 MEDIUM This Month

Stored cross-site scripting in the Buzz Comments WordPress plugin (all versions up to 0.9.4) allows authenticated administrators to inject arbitrary JavaScript via the 'Custom Buzz Avatar' setting, with the malicious script executing whenever any user accesses the plugin settings page. The vulnerability requires high-privilege administrative access and manual interaction with the settings interface, limiting its practical exploitability to insider threats or compromised administrator accounts.

XSS WordPress
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-1379 MEDIUM This Month

Stored cross-site scripting in HTTP Headers plugin for WordPress up to version 1.19.2 allows authenticated administrators to inject arbitrary scripts into admin settings that execute when users access affected pages. This vulnerability is limited to multi-site installations or sites where the unfiltered_html capability has been disabled, significantly reducing real-world exposure. No active exploitation has been publicly reported, and the high privilege requirement (administrator role) narrows the practical attack surface.

XSS WordPress
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2026-1930 MEDIUM This Month

Emailchef WordPress plugin versions up to 3.5.1 allow authenticated attackers with Subscriber-level access to delete plugin settings via an unprotected AJAX action due to missing capability checks. The vulnerability enables unauthorized modification of plugin configuration without administrative privileges, affecting any WordPress site using the affected plugin versions. No public exploit code or active exploitation has been identified at time of analysis.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-41126 MEDIUM This Month

Open redirect vulnerability in BigBlueButton prior to version 3.0.24 allows unauthenticated remote attackers to redirect users to arbitrary external URLs via manipulation of the logoutURL parameter in the /api/join endpoint. The vulnerability requires user interaction (clicking a malicious link) but has low technical complexity and could facilitate phishing attacks by redirecting authenticated users away from the legitimate logout flow to attacker-controlled domains. Version 3.0.24 mitigates this by enforcing checksum validation and defaulting to the legitimate logoutURL when validation fails.

Open Redirect
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4126 MEDIUM This Month

Table Manager plugin for WordPress versions up to 1.0.0 allows authenticated Contributor-level users and above to extract sensitive data from arbitrary WordPress database tables via the 'table_manager' shortcode. The vulnerability stems from insufficient input validation on the table name parameter-the plugin uses only sanitize_key() without an allowlist check, enabling attackers to enumerate and read data from any accessible database table by manipulating the shortcode attribute. No public exploit code has been identified, but the attack requires only valid WordPress credentials at Contributor level or higher.

Information Disclosure WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4138 MEDIUM This Month

Cross-Site Request Forgery (CSRF) in the DX Unanswered Comments WordPress plugin versions up to 1.7 allows unauthenticated attackers to modify critical plugin settings (authors list and comment count) by tricking a site administrator into clicking a malicious link, due to missing nonce validation in the settings form handler. The CVSS 4.3 score reflects low severity with integrity impact limited to plugin configuration rather than data or code execution, but successful exploitation could alter site functionality if an attacker controls which comments are flagged as unanswered.

PHP CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4118 MEDIUM This Month

Call To Action Plugin for WordPress versions up to 3.1.3 contains a Cross-Site Request Forgery (CSRF) vulnerability in the settings page that allows unauthenticated attackers to modify plugin configuration via forged requests. The vulnerability exists because the cbox_options_page() function lacks nonce validation (missing wp_nonce_field() and wp_verify_nonce() checks), enabling attackers to trick site administrators into clicking malicious links that alter call-to-action box settings including title, content, URL, colors, and other options. No public exploit code has been identified, but the attack requires minimal complexity (AC:L) and relies on user interaction (UI:R) to succeed.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-6294 MEDIUM This Month

Cross-Site Request Forgery in Google PageRank Display plugin for WordPress (versions up to 1.4) allows unauthenticated attackers to trick logged-in administrators into changing plugin settings via a crafted request, due to missing nonce validation in the settings form handler. The vulnerability has a CVSS score of 4.3 (network-based, low complexity, requires user interaction) and enables modification of plugin configuration such as display style without administrator knowledge.

CSRF WordPress Google
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4128 MEDIUM This Month

TP Restore Categories And Taxonomies WordPress plugin versions up to 1.0.1 lack capability checks in the delete_term() AJAX handler, allowing authenticated Subscriber-level users to permanently delete taxonomy terms from backup tables by reusing a nonce exposed to all authenticated users. The vulnerability bypasses authorization despite nonce validation, enabling low-privileged attackers to cause data loss via a simple crafted AJAX request.

PHP Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4121 MEDIUM This Month

The Kcaptcha WordPress plugin versions up to 1.0.1 fails to validate nonces on the settings page, allowing unauthenticated attackers to modify CAPTCHA configuration (enable/disable on login, registration, lost password, and comment forms) via cross-site request forgery if a site administrator can be tricked into clicking a malicious link. The vulnerability requires user interaction (administrator click) but carries a CVSS score of 4.3 with integrity impact; no public exploit code or active exploitation has been identified at the time of analysis.

PHP CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4139 MEDIUM This Month

Cross-site request forgery in mCatFilter WordPress plugin up to version 0.5.2 allows unauthenticated attackers to modify all plugin settings including category exclusion rules, feed exclusion flags, and tag page exclusion flags by tricking site administrators into clicking a malicious link. The vulnerability exists because the compute_post() function processes $_POST data without nonce verification or capability checks, executing on every page load via the plugins_loaded hook.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-6396 MEDIUM This Month

Cross-Site Request Forgery in Fast & Fancy Filter - 3F WordPress plugin up to version 1.2.2 allows unauthenticated attackers to modify plugin filter settings, update arbitrary site options, or create filter posts by tricking site administrators into clicking a malicious link. The vulnerability exists in the saveFields() function which handles the fff_save_settins AJAX action without nonce verification, enabling attackers to forge requests that execute administrative actions on behalf of logged-in administrators.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4140 MEDIUM This Month

Cross-Site Request Forgery in Ni WooCommerce Order Export plugin for WordPress allows unauthenticated attackers to modify plugin settings by tricking an administrator into clicking a malicious link, due to missing nonce validation in the AJAX settings handler. Affected versions through 3.1.6 accept direct $_REQUEST input to update_option() without any CSRF protection or capability checks, enabling unauthorized configuration changes.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-4133 MEDIUM This Month

Cross-site request forgery in TextP2P Texting Widget plugin for WordPress up to version 1.7 allows unauthenticated attackers to modify all plugin settings including API credentials and widget configuration by tricking site administrators into clicking a malicious link. The vulnerability stems from missing nonce validation in the settings update handler, enabling attackers to change chat titles, messages, colors, reCAPTCHA configuration, and other sensitive options without authentication or authorization verification. This requires user interaction (admin must click attacker-controlled link) but affects any WordPress site running the vulnerable plugin with an active administrator.

CSRF WordPress
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-58922 MEDIUM PATCH This Month

Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada theme allows unauthenticated remote attackers to perform unauthorized actions on behalf of authenticated users through malicious web pages, affecting versions before 7.13.2. The vulnerability requires user interaction (clicking a malicious link or visiting a crafted page) but carries low overall risk due to SSVC assessment indicating none-automatable exploitation with partial technical impact. No active exploitation has been confirmed in CISA KEV at time of analysis.

CSRF Avada
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-35351 MEDIUM This Month

The mv utility in uutils coreutils fails to preserve file ownership when moving files across filesystem boundaries, causing moved files to be reassigned to the caller's UID/GID instead of retaining the source file's ownership metadata. When invoked by privileged users (such as root), this results in unexpected ownership changes that can lead to information disclosure or access restrictions for legitimate file owners. Exploitation requires local access and high privileges; a public proof-of-concept exists but active exploitation has not been confirmed in the wild.

Information Disclosure Coreutils
NVD GitHub
CVSS 3.1
4.2
EPSS
0.0%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy