Skip to main content
CVE-2026-7819 HIGH PATCH GHSA This Week

Symbolic link path traversal in pgAdmin 4 File Manager allows authenticated users to write arbitrary files on the server filesystem. Attackers with valid credentials can plant symlinks in their storage directory pointing outside it, bypassing access controls to overwrite critical system files or application configurations with pgAdmin process privileges. The vulnerability combines CWE-61 (symlink following) with a time-of-check-time-of-use race condition. Affects all pgAdmin 4 versions before 9.15. No active exploitation confirmed (not in CISA KEV), but exploit is straightforward for authenticated attackers given the detailed fix description published by PostgreSQL project.

Path Traversal Pgadmin 4
NVD GitHub
CVSS 4.0
7.2
EPSS
0.0%
CVE-2026-2393 HIGH PATCH GHSA This Week

Server-Side Request Forgery in MLflow allows authenticated users to force the MLflow backend to send HTTP requests to arbitrary URLs, including internal services and cloud metadata endpoints (e.g., AWS EC2 metadata at 169.254.169.254). Affects MLflow versions prior to 3.9.0. The webhook creation endpoint accepts unvalidated user-controlled URLs that are later used in HTTP POST requests, enabling cloud credential theft, internal network reconnaissance, and data exfiltration. Vendor-released patch available in MLflow 3.9.0, confirmed by GitHub commit 64aa0ab. No active exploitation confirmed (not in CISA KEV), but publicly disclosed with detailed technical analysis from huntr.com.

SSRF Mlflow Mlflow Red Hat
NVD GitHub
CVSS 3.0
7.1
EPSS
0.0%
CVE-2026-7817 HIGH PATCH GHSA This Week

Authenticated users in pgAdmin 4 before version 9.15 can read arbitrary server-side files or trigger server-side request forgery (SSRF) attacks via unvalidated LLM API configuration endpoints. The vulnerabilities exist in the chat and model-list endpoints where user-supplied api_key_file and api_url parameters are passed directly to LLM provider clients without sanitization, enabling attackers to exfiltrate sensitive files (database credentials, private keys) readable by the pgAdmin process or coerce internal requests to cloud metadata services and private infrastructure.

SSRF Path Traversal Information Disclosure Pgadmin 4
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-44569 HIGH PATCH GHSA This Week

Insecure Direct Object Reference (IDOR) in Open WebUI allows authenticated users with read-only channel access to modify or delete any message in those channels, bypassing frontend ownership controls through direct API calls. The vulnerability affects the channels feature in Open WebUI versions ≤0.6.18, exploiting missing message ownership validation in backend FastAPI endpoints despite correct frontend access control implementation. Publicly available exploit code exists with detailed proof-of-concept demonstrating privilege escalation from read to write/delete permissions. Vendor-released patch available in version 0.6.19.

Authentication Bypass
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-28941 HIGH PATCH This Week

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Tahoe 26.5. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.

Apple Buffer Overflow
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-34960 HIGH PATCH This Week

barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type() function that fails to verify the options pointer remains within received packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK packet without a proper 0xff end marker to cause the parser to read past valid packet data and potentially crash the system.

Information Disclosure Buffer Overflow Barebox
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-44473 HIGH PATCH GHSA This Week

User equipment (UE) downlink traffic can be redirected to attacker-controlled radios in Ella Core (5G AMF software) versions prior to 1.10.0. A malicious radio with a valid NG Setup connection can forge PDUSessionResourceSetupResponse messages using arbitrary AMF-UE-NGAP-IDs, causing Ella Core to create GTP tunnels that misdirect victim UE downlink packets to the attacker's radio. This enables traffic interception and denial of service against targeted UEs. The vulnerability stems from missing validation that NGAP messages arrive on the correct SCTP association for the UE context. No public exploit identified at time of analysis, and EPSS data not available. Vendor-released patch: version 1.10.0.

Information Disclosure
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-45022 HIGH PATCH GHSA This Week

Commit and tag signature confusion in go-git (the pure-Go implementation of Git) lets a crafted Git object carry a signature that validates while its effective metadata differs from what was actually signed. Because go-git parses ambiguous or malformed object headers differently from canonical Git, and because its signing/verification path operates over a reconstructed representation rather than the raw object bytes, an attacker with contributor access can create commits whose displayed author/committer/metadata diverges from the signed payload - undermining downstream trust decisions (the issue was originally surfaced through sigstore/gitsign). Affected releases are go-git v5 before 5.19.0 and v6 alpha builds 6.0.0-alpha.1 through 6.0.0-alpha.2. There is no public exploit identified at time of analysis, it is not listed in CISA KEV, and no EPSS score was provided in the source data.

Information Disclosure
NVD GitHub VulDB
CVSS 4.0
7.0
EPSS
0.0%
CVE-2026-40607 HIGH PATCH GHSA This Week

Incorrect escaping of a saved filter's owner allows an attacker to inject arbitrary HTML on systems where $g_show_user_realname = ON. ### Impact Cross-site scripting (XSS). Note that By default, only users with *Manager* access level or above can save their filters publicly ### Patches - 44f490bcf20fd491c1b8f3fc9dd041d8c2a30010 ### Workarounds - Prevent display of users' real name (set `$g_ show_user_realname = OFF;` in configuration) - Restrict ability to store filters (set $`g_stored_query_create_threshold` / $`g_stored_query_create_shared_threshold` to `NOBODY` ### Credits Thanks to siunam (Tang Cheuk Hei) for discovering and responsibly reporting the issue.

XSS
NVD GitHub
EPSS
0.0%
CVE-2026-40597 HIGH PATCH GHSA This Week

Given any pre-existing XSS / HTML injection vulnerability, an attacker can bypass the Content Security Policy's _script-src_ directive by uploading a crafted attachment to any issue that, when accessed via the _file_download.php_ link, will be downloaded with a valid JavaScript MIME type resulting in script execution. The uploaded payload must be sniffed as a valid JavaScript MIME type by PHP finfo (see file_create_finfo() API function). Non-JavaScript MIME types will not get imported in a `<script>` tag by the browser, due to response header X-Content-Type-Options being set to _nosniff_, which requires all imported JavaScript files to be a valid JavaScript MIME type. ### Impact Cross-site scripting ### Patches - 9e3bee2e7b909f4e3596985892b8bc8bee9e0bfe ### Workarounds None ### Credits Thanks to siunam (Tang Cheuk Hei) for discovering and responsibly reporting the issue.

XSS PHP
NVD GitHub
EPSS
0.1%
CVE-2026-40596 HIGH PATCH GHSA This Week

Any authenticated user can inject arbitrary HTML via updating their account's font family. ### Impact Cross-site scripting. The injected payload will be reflected in every MantisBT page. Leveraging another vulnerability (CSP bypass, see [GHSA-9c3j-xm6v-j7j3](https://github.com/mantisbt/mantisbt/security/advisories/GHSA-9c3j-xm6v-j7j3)), the attacker could achieve account takeover. ### Patches - 9e8409cdd979eba86ef532756fc47c1d8112d22d ### Workarounds None ### Credits Thanks to siunam (Tang Cheuk Hei) for discovering and responsibly reporting the issue.

XSS
NVD GitHub
EPSS
0.1%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy