Skip to main content
CVE-2026-2892 HIGH This Week

Unauthenticated attackers can bypass Stripe payment gates in Otter Blocks for WordPress ≤3.1.4 by forging the 'o_stripe_data' cookie with publicly visible product IDs from checkout block HTML source, gaining unauthorized access to premium content. The plugin's 'get_customer_data' method accepts unsigned cookie data without server-side Stripe API verification for one-time purchases, enabling trivial exploitation with no authentication required. CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) reflects high confidentiality impact from accessing gated content. EPSS data unavailable; no active exploitation or POC confirmed at time of analysis, but the attack requires only basic HTTP cookie manipulation skills.

WordPress Authentication Bypass
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-42800 HIGH This Week

NULL pointer dereference in ASR Lapwing Linux's IMS client (sipuri.c) allows authenticated remote attackers to trigger service crashes and potentially execute code with changed scope. The vulnerability exists in the SIP URI parsing logic of the ASR1903 hardware platform's ims_client module. With CVSS 7.4 and scope change to Container, successful exploitation enables lateral impact beyond the vulnerable component. No CISA KEV listing or public exploit code identified at time of analysis, though EPSS data unavailable.

Null Pointer Dereference Denial Of Service Lapwing Linux
NVD
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-42799 HIGH PATCH This Week

Out-of-bounds read in ASR Kestrel's nr_fw power control module enables authenticated remote attackers to trigger buffer overflow conditions, potentially disclosing sensitive information and compromising system integrity with low-to-moderate impact across security boundaries. Exploitable over the network with low complexity by attackers holding low-privilege credentials. EPSS data unavailable; not currently listed in CISA KEV. Vendor advisory confirms patch released February 10, 2026.

Buffer Overflow Information Disclosure Kestrel
NVD
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-3833 HIGH PATCH This Week

Certificate name-constraints bypass in GnuTLS allows a remote attacker to craft a leaf certificate whose Subject Alternative Name differs only in letter casing from a constrained dNSName or rfc822Name, causing GnuTLS to accept a certificate that its excludedSubtrees/permittedSubtrees policy should reject. The flaw stems from case-sensitive comparison of name-constraint labels and enables unauthorized access, impersonation, or information disclosure across software (notably Red Hat Enterprise Linux 6-10 and OpenShift Container Platform 4) that relies on GnuTLS for X.509 validation. SSVC notes a public proof-of-concept exists, though EPSS exploitation probability is very low (0.03%, 9th percentile) and the issue is not in CISA KEV.

Authentication Bypass Information Disclosure Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 +4
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-14576 HIGH PATCH This Week

Code injection in Qt SVG module allows attackers to execute arbitrary QML/JavaScript when applications load malicious SVG files through Qt Quick's VectorImage component. Exploitation requires local file access and user interaction (opening crafted SVG). While QML execution is more restricted than native code, attackers can still trigger denial of service, exfiltrate application data, or manipulate UI logic depending on the victim application's privilege context. No active exploitation confirmed (not in CISA KEV), but patch available from Qt Project reduces urgency for immediate emergency response.

Code Injection RCE Information Disclosure Denial Of Service Qt
NVD VulDB
CVSS 4.0
7.4
EPSS
0.0%
CVE-2026-41882 HIGH PATCH This Week

Local file disclosure in IntelliJ IDEA's built-in web server allows remote attackers to read arbitrary local files via network requests requiring user interaction. JetBrains IDEA versions before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, and 2026.1.1 are affected. The vulnerability achieves scope change (CVSS S:C) enabling cross-context information theft with high confidentiality impact but no integrity or availability damage. No active exploitation (KEV-absent) or public POC identified at time of analysis, though vendor disclosure suggests controlled remediation timeline.

Information Disclosure Intellij Idea
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-7246 HIGH PATCH This Week

Command injection in Pallets Click's click.edit() function (versions ≤8.3.2) allows local attackers with high privileges to execute arbitrary OS commands via shell metacharacters. The vulnerability stems from unsafe use of shell=True in subprocess calls, fixed in version 8.3.3 by switching to shlex.split for command parsing. Attack complexity is high (AC:H) and requires user interaction (UI:R), limiting real-world exploitation despite CVSS 7.2 score. Public proof-of-concept exists (SSVC: exploitation=poc) but no evidence of active exploitation (not in CISA KEV). EPSS data not provided but expected low given local-only access vector and multiple exploitation constraints.

Command Injection Click
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-40950 HIGH PATCH This Week

Buffer overflow in Absolute Secure Access server (versions before 14.50) allows authenticated remote attackers with modified client software to crash the server through specially crafted messages. This denial-of-service vulnerability requires low-privilege authentication and presents moderate real-world risk given the client modification prerequisite. EPSS data not available; no confirmed active exploitation or public proof-of-concept identified at time of analysis.

Buffer Overflow Stack Overflow Secure Access
NVD VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-42137 HIGH PATCH GHSA This Week

Authenticated users with restricted permissions in Kirby CMS can access pages and files they should not be able to view, bypassing configured access controls in the Panel and REST API. This affects Kirby installations where administrators have explicitly disabled `pages.access`, `pages.list`, `files.access`, or `files.list` permissions for specific user roles through blueprints. The vulnerability allows information disclosure of content models that should be hidden, though write operations remain protected. Patched versions 4.9.0 and 5.4.0 are available from the vendor. No public exploit identified at time of analysis, with EPSS data unavailable for this recent disclosure.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-22070 HIGH This Week

Path traversal in ColorOS Assistant allows local attackers to manipulate file downloads and cause high availability impact via an unauthenticated download channel. The vulnerability (CWE-23) enables writing files to arbitrary paths when a user is socially engineered to trigger the malicious download. OPPO has published a security advisory. No active exploitation confirmed; EPSS data not available for this recent 2026 CVE.

Path Traversal Coloros Assistant
NVD
CVSS 3.1
7.1
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy