Skip to main content
CVE-2026-6498 MEDIUM This Month

Five Star Restaurant Reservations plugin for WordPress versions up to 2.7.16 allows unauthenticated attackers to bypass payment verification through PHP type juggling in the valid_payment() function. The vulnerability exists in the rtb_stripe_pmt_succeed AJAX handler, which uses loose comparison (==) between attacker-supplied payment_id and the booking's stripe_payment_intent_id. When the intent ID is null (before Stripe intent creation), an empty payment_id parameter passes validation, enabling attackers to mark payment-pending bookings as paid without completing actual Stripe payments. This permits unauthorized order fulfillment and revenue loss for affected WordPress sites.

WordPress Authentication Bypass PHP
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-36180 MEDIUM PATCH This Month

IBM watsonx.data versions 2.2 through 2.3 fail to enforce proper network segmentation between Kubernetes pods in the Lakehouse component, allowing attackers with network access to the cluster to transfer data between pods without authentication or authorization controls. This integrity vulnerability has a moderate CVSS score of 5.3 and requires adjacent network access and specific configuration conditions to exploit.

IBM Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-41226 MEDIUM This Month

Open redirect vulnerability in Ricoh Web Image Monitor affects multiple laser printers and multifunction printers, allowing unauthenticated remote attackers to redirect users to arbitrary websites via specially crafted URLs. Successful exploitation enables phishing attacks by deceiving users into visiting malicious sites while appearing to originate from trusted printer interfaces. No active exploitation has been confirmed, but the vulnerability requires only user interaction (clicking a malicious link) and affects all configurations by default.

Open Redirect
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-22726 MEDIUM This Month

Route Services in Cloud Foundry Routing Release v0.118.0-v0.371.0 and CF Deployment v0.0.2-v54.14.0 allow authenticated malicious developers to bypass application egress rules by configuring route-services that redirect traffic to internal network destinations otherwise unreachable from external networks or the application itself. This affects the scope of the routing infrastructure, enabling information disclosure and potential lateral movement within the Gorouter network.

Information Disclosure Routing Release Cf Deployment
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-36764 MEDIUM This Month

Server-side request forgery in SpringBlade v4.8.0 allows authenticated network attackers to scan internal resources by sending crafted GET requests to the /ureport/datasource/testConnection endpoint, enabling reconnaissance of non-routable or restricted-access network segments. The vulnerability affects confidentiality but requires valid authentication credentials to exploit.

SSRF
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-40687 MEDIUM PATCH This Month

Out-of-bounds write in Exim before 4.99.2 SPA authentication driver allows remote attackers to crash the mail server connection or leak uninitialized heap memory when processing adversarial SPA authentication resources, affecting confidentiality and availability of the mail service.

Buffer Overflow Suse
NVD VulDB
CVSS 3.1
4.8
EPSS
0.1%
CVE-2026-33448 MEDIUM PATCH This Month

Format string vulnerability in Secure Access client for macOS prior to version 14.50 allows authenticated local attackers to leak sensitive data from process memory via crafted logging input, potentially exposing secrets through log files. The vulnerability requires local access and valid user privileges but no user interaction. Patch is available from the vendor.

Information Disclosure Apple
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-5404 MEDIUM PATCH This Month

Denial of service in Wireshark 4.6.0-4.6.4 and 4.4.0-4.4.14 allows local attackers to crash the application by parsing malformed K12 RF5 files with user interaction. The vulnerability stems from a buffer overflow in the K12 RF5 file parser, requiring an attacker to trick a user into opening a crafted file. No public exploit code or active exploitation has been identified at time of analysis.

Denial Of Service Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-1493 MEDIUM PATCH This Month

DOM-based cross-site scripting in LEX Baza Dokumentów through version 1.3.3 allows attackers to execute arbitrary JavaScript in victim browsers via unsafe processing of the 'em' cookie parameter on the client side. Exploitation requires local access and user interaction, and the attacker must have the ability to set a cookie, significantly limiting real-world attack surface. The vendor has released patch version 1.3.4 to address this vulnerability.

XSS Lex Baza Dokument W
NVD VulDB
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-6539 MEDIUM PATCH This Month

Format string injection in Notepad++ 8.9.3 Find Results panel handler allows local attackers to cause denial of service and disclose stack memory by distributing malicious nativeLang.xml language pack files that trigger unsafe format string interpretation during search operations. User interaction is required to load the poisoned language pack and perform a search. No active exploitation confirmed, but patch is available from vendor.

Denial Of Service Information Disclosure Notepad
NVD
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-36757 MEDIUM This Month

Server-Side Request Forgery (SSRF) in Halo v2.22.14's /plugins/{name}/upgrade-from-uri endpoint permits authenticated attackers to scan internal network resources and retrieve sensitive data via crafted GET requests, potentially enabling reconnaissance of internal infrastructure. The vulnerability requires valid authentication credentials but operates with low attack complexity, affecting the confidentiality of internal resources without requiring user interaction or administrative privileges.

SSRF N A
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-36758 MEDIUM This Month

Server-side request forgery in Halo v2.22.14 /themes/-/install-from-uri endpoint allows authenticated attackers to scan internal resources and access sensitive network information via crafted GET requests. The vulnerability requires valid authentication credentials but operates with low attack complexity and results in confidentiality impact through information disclosure of internal network topology and services.

SSRF N A
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-41519 MEDIUM PATCH GHSA This Month

Weblate fails to revoke Django REST Framework API tokens when users change their passwords, allowing attackers with knowledge of a user's old credentials to continue accessing APIs indefinitely even after password changes. The vulnerability affects authenticated users on Weblate versions prior to 5.17.1 and requires high attack complexity due to the need for legitimate account access, but carries meaningful risk in multi-user translation environments where password compromise may go undetected.

Information Disclosure Suse
NVD GitHub
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-42798 MEDIUM PATCH This Month

Integer overflow in Little CMS color engine versions 2.16 through 2.18 allows local attackers to trigger integer overflow in the ParseCube function when processing specially crafted color lookup table (LUT) input files, potentially resulting in buffer overflow and denial of service or information disclosure. The vulnerability affects the CGATS parser used for loading ICC color profiles and LUT data. No public exploit code identified at time of analysis, though upstream fix is available in version 2.19.

Integer Overflow Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-40686 LOW PATCH Monitor

Out-of-bounds read in Exim before 4.99.2 when UTF-8 operators are enabled allows remote unauthenticated attackers to leak sensitive information through error messages by sending email with malformed UTF-8 trailing characters in headers. The vulnerability has high attack complexity due to the requirement for UTF-8 operator enablement and specific malformed input crafting, but requires no user interaction and operates over the network on default deployments.

Information Disclosure Buffer Overflow Exim
NVD VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-3832 LOW PATCH Monitor

GnuTLS with OCSP verification enabled incorrectly accepts revoked server certificates when presented with specially crafted multi-record OCSP responses during TLS handshakes, allowing attackers to bypass certificate revocation checks and establish connections to compromised servers. The vulnerability requires high attack complexity and specific OCSP configuration, affecting Red Hat Enterprise Linux 6-10, Red Hat Hardened Images, and OpenShift Container Platform 4. No public exploit code or active exploitation has been identified at the time of analysis.

Information Disclosure Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 +3
NVD VulDB
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-33446 LOW PATCH Monitor

Buffer overflow in the authentication subsystem of Absolute Secure Access prior to version 14.50 allows remote attackers controlling a malicious server to send specially crafted packets that corrupt memory, potentially causing denial of service. The vulnerability requires high attack complexity and user interaction, resulting in low confidentiality, integrity, and availability impact. No public exploit code or active exploitation has been identified at the time of analysis.

Buffer Overflow Secure Access
NVD VulDB
CVSS 4.0
2.3
EPSS
0.1%
CVE-2026-33447 LOW PATCH Monitor

Buffer overflow in Secure Access message parsing prior to version 14.50 allows remote attackers with control of a modified server to send specially crafted packets that corrupt memory, potentially causing denial of service or limited information disclosure. Attack requires network access, high complexity, and user interaction; CVSS 2.3 reflects limited real-world impact despite the vulnerability class.

Buffer Overflow Stack Overflow Secure Access
NVD VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-33450 LOW PATCH Monitor

Out-of-bounds read in Absolute Secure Access macOS client prior to version 14.50 allows remote attackers with control of a modified server to send malformed packets triggering denial of service. The vulnerability requires high attack complexity (modified server infrastructure and user interaction) and results in availability impact only, with a low CVSS score of 2.3 reflecting limited real-world severity despite network accessibility.

Buffer Overflow Apple Information Disclosure
NVD VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-33449 LOW PATCH Monitor

Buffer overflow in Absolute Secure Access prior to version 14.50 allows remote attackers to cause denial of service by sending a cryptographically valid message to the client, potentially overwriting memory. The vulnerability requires network access and user interaction (UI:P), making it a moderate-complexity attack with low availability impact. Vendor has released a patch available as of the CVE disclosure.

Denial Of Service Buffer Overflow Stack Overflow Secure Access
NVD VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-7510 LOW Monitor

Authorization bypass in OWASP DefectDojo up to version 2.55.4 allows authenticated users to manipulate objects in Benchmark, Engagement, Product, and Survey components by directly accessing resources via unvalidated object IDs, bypassing ownership checks. The vulnerability affects multiple endpoints that retrieve objects without verifying the requesting user has authorization to access the specific resource, enabling lateral privilege escalation and unauthorized data modification. Publicly disclosed exploit code exists, and the vulnerability requires network access with valid authentication credentials to exploit.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7508 LOW Monitor

Code injection in Bootstrap CMS 0.9.0-alpha page creation handler allows authenticated remote attackers to inject arbitrary code via the body parameter in resources/views/pages/show.blade.php, with publicly available exploit code and a CVSS score of 2.1 reflecting low confidentiality/integrity impact. The vulnerability affects an unmaintained product with an inactive code repository, limiting real-world exposure but enabling opportunistic exploitation of legacy deployments.

PHP Code Injection
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7429 LOW Monitor

Reflected cross-site scripting in SSCMS v7.4.0 allows authenticated attackers to inject arbitrary JavaScript through crafted STL template payloads in the /api/stl/actions/dynamic endpoint. The vulnerability arises from improper output encoding when decrypted STL templates are returned in JSON responses, enabling session hijacking, credential theft via phishing, and unauthorized user actions. User interaction is required to trigger the payload, limiting but not eliminating real-world risk.

XSS Sscms
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-13030 LOW Monitor

Remote code execution in django-mdeditor (all versions prior to commit 3e80f9e) allows unauthenticated attackers to upload malicious files via the image upload endpoint. The vulnerability combines missing authentication (CWE-306) with insufficient filename sanitization, enabling arbitrary code execution when uploaded files are accessed. Exploit code is publicly available (CVSS E:P), though user interaction is required (UI:R). EPSS data not available, not listed in CISA KEV at time of analysis.

Authentication Bypass RCE Python
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.1%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy