Skip to main content
CVE-2026-43514 LOW PATCH Monitor

Timing side-channel in Apache Tomcat's AJP secret comparison exposes the shared AJP connector secret to remote, unauthenticated attackers capable of making precise network timing measurements. The vulnerability, tracked as CWE-208 (Observable Timing Discrepancy), affects all major Tomcat branches from 7.0.0 through current releases prior to the fixed versions, and could allow an attacker to recover the AJP shared secret through repeated probing. No public exploit code exists at time of analysis, EPSS is 0.02%, and CISA SSVC rates exploitation as none - making real-world risk low despite the network-accessible attack vector.

Information Disclosure Apache Tomcat Apache Tomcat
NVD VulDB HeroDevs
CVSS 3.1
3.7
EPSS
0.0%
CVE-2026-34685 LOW Monitor

Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier [NEEDS REVIEW: impact mismatch - ticket says 'Arbitrary file system write', CIA triad derives 'Security Feature Bypass'. Verify CVSS vector before publishing.] are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue requires user interaction in that a victim must visit a maliciously crafted URL or interact with a compromised web page. Scope is changed.

Authentication Bypass Adobe Adobe Commerce
NVD
CVSS 3.1
3.4
EPSS
0.0%
CVE-2026-40131 LOW Monitor

SQL injection in SAP HANA Deployment Infrastructure (HDI) deploy library allows high-privileged users to manipulate dynamically constructed SQL queries, potentially altering SELECT statements and compromising confidentiality and availability. Attack requires local access and high privileges (PR:H), limiting real-world risk despite SQL injection severity. No public exploit code or active exploitation has been identified at the time of analysis.

SQLi SAP
NVD VulDB
CVSS 3.1
3.4
EPSS
0.0%
CVE-2026-42445 LOW PATCH Monitor

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the UFS/UFS2 filesystem image parser in NanaZip. The function GetAllPaths recurses into subdirectories without any depth limit or visited-inode tracking. A crafted UFS image with a deep directory tree or an inode cycle causes stack exhaustion, crashing the NanaZip process. This vulnerability is fixed in 6.0.1698.0.

Denial Of Service Nanazip
NVD GitHub
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-42444 LOW PATCH Monitor

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a denial-of-service vulnerability exists in the littlefs filesystem image parser in NanaZip. The handler's Open method reads BlockCount directly from the attacker-controlled superblock without any validation against the actual file size or any upper-bound ceiling, then iterates BlockCount times, allocating a file-path entry per iteration. A crafted 44-byte littlefs image with BlockCount = 0xFFFFFFFF causes ~4 billion heap allocations, exhausting available memory. This vulnerability is fixed in 6.0.1698.0.

Denial Of Service Nanazip
NVD GitHub VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-42443 LOW PATCH Monitor

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an integer divide-by-zero exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the superblock field fs_ipg (inodes per cylinder group) is set to zero. The parser uses this attacker-controlled value as a divisor without validation, causing an immediate hardware trap and process crash. This vulnerability is fixed in 6.0.1698.0.

Denial Of Service Nanazip
NVD GitHub VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-42442 LOW PATCH Monitor

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a null-pointer dereference exists in the UFS/UFS2 filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted UFS image where the root inode (inode 2) is set to IFLNK (symlink) instead of IFDIR (directory). The parser unconditionally treats the root inode as a directory without checking its type, and when the symlink has an embedded target (small di_size), the directory data buffer is zero-length, causing a null-pointer dereference on the first read. This vulnerability is fixed in 6.0.1698.0.

Denial Of Service Null Pointer Dereference Nanazip
NVD GitHub VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-42355 LOW PATCH Monitor

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, an uncontrolled recursion vulnerability exists in the Electron Archive (ASAR) parser in NanaZip. When opening a crafted .asar file with deeply nested JSON in the header, both nlohmann::json::parse and the handler's GetAllPaths function recurse without depth limits, exhausting the thread stack and crashing the NanaZip process. This vulnerability is fixed in 6.0.1698.0.

Denial Of Service Nanazip
NVD GitHub VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-45362 LOW PATCH Monitor

Sangoma Switchvox before version 8.4 stores SIP authentication credentials in cleartext within backup files, allowing local attackers with physical or filesystem access to recover credentials with low complexity. This information disclosure vulnerability affects systems using the default backup functionality and has a publicly documented proof-of-concept exploit available on GitHub.

Information Disclosure Switchvox
NVD GitHub VulDB
CVSS 3.1
3.2
EPSS
0.0%
CVE-2026-40020 LOW PATCH Monitor

OX Dovecot Pro is vulnerable to IMAP SETACL command injection that allows authenticated users to bypass the imap_acl_allow_anyone configuration setting and inject the anyone permission into dovecot-acl files, enabling spam of mailbox folders to all users. The vulnerability requires authentication and elevated complexity conditions (CVSS 3.1), and no public exploits are known at the time of analysis.

Authentication Bypass Ox Dovecot Pro
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-32684 LOW Monitor

Hikvision Hik-Connect App fails to enforce strict directory access permissions, allowing other locally-installed applications to read sensitive information stored by the app on the device filesystem. The vulnerability requires local access and high attack complexity but poses information disclosure risk to users with multiple apps on the same device. No public exploit or active exploitation has been identified; CVSS score of 2.9 reflects the local-only attack vector and limited confidentiality impact.

Information Disclosure Hik Connect App
NVD
CVSS 3.1
2.9
EPSS
0.0%
CVE-2026-42158 LOW Monitor

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, an adversary with knowledge of an investigation ID, could update the metadata of an investigation of another user. This vulnerability is fixed in 1.2.3.

Authentication Bypass
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-44278 LOW Monitor

Fortinet FortiClient Windows versions 7.2 (all) and 7.4.0 through 7.4.2 contain a hard-coded cryptographic key vulnerability that allows high-privileged local attackers to disclose sensitive information. The vulnerability requires local access and administrator-level privileges, limiting its real-world exploitation scope to threats already present on compromised systems or malicious insiders. No public exploit code or active exploitation has been confirmed at the time of analysis.

Fortinet Information Disclosure
NVD VulDB
CVSS 3.1
2.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy