Skip to main content
CVE-2026-46477 HIGH PATCH GHSA This Week

Cross-workspace dataset takeover in FlowiseAI Flowise (<=3.1.1) allows any authenticated workspace member to reassign Dataset entities to an arbitrary workspace by submitting a crafted workspaceId field in create/update request bodies. The flaw stems from an unfiltered Object.assign(entity, body) call in packages/server/src/services/dataset/index.ts, breaking tenant isolation in this multi-workspace LLM orchestration platform. No public exploit identified at time of analysis, though the GHSA-5h9v-837x-m97r advisory includes step-by-step exploitation details and the vendor confirms PoC verification via source inspection.

RCE
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-46476 HIGH PATCH GHSA This Week

Cross-workspace data takeover in FlowiseAI Flowise <= 3.1.1 allows any authenticated workspace member to reassign CustomTemplate entities to arbitrary workspaces by injecting a `workspaceId` field in the request body, exploiting mass assignment in the marketplaces controller. The flaw breaks tenant isolation and enables IDOR-style template hijacking. No public exploit identified at time of analysis, though the GHSA advisory contains a fully documented exploit chain.

RCE
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-46475 HIGH PATCH GHSA This Week

Cross-workspace assistant takeover in FlowiseAI Flowise <= 3.1.1 allows any authenticated workspace member to reassign Assistant entities (including their system prompts, tool configurations, and embedded credentials) to arbitrary other workspaces by submitting a client-controlled workspaceId in create or update request bodies. The flaw stems from unfiltered Object.assign() on user input in packages/server/src/services/assistants/index.ts, enabling tenant-isolation bypass and IDOR. No public exploit identified at time of analysis, though the vendor advisory GHSA-78pr-c5x5-jggc includes a detailed PoC walkthrough making weaponization straightforward.

RCE
NVD GitHub VulDB
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-44883 HIGH PATCH GHSA This Week

Token leakage in Portainer's authentication middleware allows JWT bearer tokens passed via the `?token=<JWT>` URL query parameter to be harvested from reverse-proxy access logs, browser history, and HTTP Referer headers, enabling account takeover for the validity window of the token (default 8 hours). The flaw affected any user with container exec/attach rights - not just administrators - and a leaked admin token grants full control of Portainer and every managed Docker/Kubernetes environment. No public exploit identified at time of analysis, though the underlying behavior was present since JWT auth was introduced and the GitHub Security Advisory provides sufficient detail to weaponize.

Kubernetes Docker Information Disclosure Nginx
NVD GitHub
CVSS 4.0
7.7
EPSS
0.1%
CVE-2026-45303 HIGH PATCH GHSA This Week

Stored cross-site scripting (XSS) in Open WebUI versions before 0.6.5 allows authenticated users to exfiltrate session tokens via maliciously crafted chat content. The HTML rendering view uses an insufficiently restrictive iframe sandbox (`allow-scripts allow-forms allow-same-origin`), enabling injected JavaScript to access localStorage and transmit authentication tokens to attacker-controlled servers. While primarily self-XSS, exploitation extends to other users through shared chat cloning, file upload content rendering, or conversation import features. Publicly available exploit code exists (GitHub advisory includes working PoC). CVSS 7.7 reflects high complexity requiring user interaction, but successful exploitation grants full account compromise (C:H/I:H).

XSS
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-45338 HIGH PATCH GHSA This Week

Server-Side Request Forgery (SSRF) in Open WebUI versions ≤0.8.12 allows authenticated users with OAuth access to force the server to make HTTP requests to arbitrary internal resources and exfiltrate complete response data. Exploitation requires OAuth-enabled deployments with ENABLE_OAUTH_SIGNUP=true or OAUTH_UPDATE_PICTURE_ON_LOGIN=true. An attacker controls the OAuth provider's 'picture' claim URL, triggering server-side HTTP requests to cloud metadata services (AWS IMDS), localhost services (Redis, Elasticsearch), or internal network endpoints. The full response is base64-encoded and stored in the user's profile_image_url field, enabling complete data exfiltration. Fixed in version 0.9.0 per GitHub advisory GHSA-24c9-2m8q-qhmh. EPSS data not available; no CISA KEV listing indicates limited widespread exploitation, though publicly available proof-of-concept exists in the GitHub advisory.

Redis SSRF Python Docker Elastic
NVD GitHub
CVSS 3.1
7.7
EPSS
0.0%
CVE-2026-42863 HIGH PATCH GHSA This Week

{chatflowId} endpoint to overwrite server-controlled fields including workspaceId, deployed, isPublic, createdDate, and updatedDate. The vendor advisory GHSA-5wxp-qjgq-fx6m confirms tenant isolation can be broken in multi-tenant deployments, and publicly available exploit code exists in the form of a detailed PoC published with the advisory. No public exploit identified at time of analysis as actively used in the wild, and this CVE is not listed in CISA KEV.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.0%
CVE-2026-42862 HIGH PATCH GHSA This Week

{toolId}) allows authenticated users to overwrite server-controlled fields including workspaceId, createdDate, and updatedDate, breaking tenant isolation in multi-workspace deployments. The flaw stems from the request body being merged directly into the database entity without DTO validation or authorization checks, and a working proof-of-concept is published in the GHSA-x5v6-pj28-cwwm advisory. No public exploit identified at time of analysis in CISA KEV; vendor-released patch is Flowise 3.1.2.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.0%
CVE-2026-42861 HIGH PATCH GHSA This Week

Mass assignment in FlowiseAI Flowise allows authenticated low-privilege users to modify server-controlled properties on the PUT /api/v1/variables/{variableId} endpoint, including workspaceId, createdDate, and updatedDate. By reassigning a variable's workspaceId to an arbitrary value, an attacker can break tenant isolation in multi-workspace deployments and move variables across tenant boundaries. Publicly available exploit code exists in the GHSA-6fw7-3q8r-m5vj advisory, but no public exploit identified at time of analysis as widespread weaponization, and the issue is not listed in CISA KEV.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
7.6
EPSS
0.0%
CVE-2026-45012 HIGH GHSA This Week

Authenticated server-side request forgery in ApostropheCMS allows low-privilege users to force the server to fetch arbitrary internal URLs through the rich-text widget import flow. Attackers with content editing permissions can exfiltrate internal data by crafting malicious image tags that trigger server-side fetch operations, with image-compatible responses being persisted and re-hosted by the application. Publicly available exploit code exists (full Python PoC published in GitHub advisory GHSA-pr28-mf3q-qpg6), enabling immediate weaponization. All versions through 4.29.0 are affected with no vendor-released patch identified at time of analysis, creating sustained exposure for organizations running this popular Node.js CMS.

Python SSRF
NVD GitHub
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-8557 HIGH PATCH This Week

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption Privilege Escalation Google +3
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-8510 HIGH PATCH This Week

Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

Microsoft Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-8547 HIGH PATCH This Week

Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

Authentication Bypass Privilege Escalation Microsoft Google Red Hat +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-6514 HIGH This Week

Server-Side Request Forgery (SSRF) in InfusedWoo Pro plugin for WordPress versions up to 5.1.2 allows unauthenticated remote attackers to exploit the popup_submit function to read arbitrary files from the server and make unauthorized web requests to internal network resources. This vulnerability enables reconnaissance and potential access to internal services that should not be externally accessible, including cloud metadata endpoints, internal APIs, and localhost services. CVSS 7.5 (High) reflects network-accessible attack with no authentication required and high confidentiality impact. EPSS data not available; no active exploitation confirmed via CISA KEV at time of analysis.

SSRF WordPress
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-44673 HIGH PATCH This Week

Integer overflow in libyang's lyb_read_string() function leads to heap buffer overflow during LYB binary parsing, enabling remote denial-of-service attacks against NETCONF servers, sysrepo, and other YANG data consumers. The vulnerability (CWE-190) allows unauthenticated attackers to crash services by supplying maliciously crafted LYB blobs over network connections. Fixed in version SO 5.2.15. CVSS 7.5 (High) with network attack vector and low complexity, though currently limited to availability impact. No active exploitation confirmed (not in CISA KEV); public exploit code status unknown.

Integer Overflow Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-6479 HIGH PATCH This Week

Denial of service in PostgreSQL allows remote unauthenticated attackers to crash the database server via recursive SSL/GSS negotiation when connecting to AF_UNIX or TCP sockets (if SSL and GSS are both disabled). Affects all PostgreSQL versions prior to 18.4, 17.10, 16.14, 15.18, and 14.23. No active exploitation confirmed (not in CISA KEV). Vendor-released patches available across all supported major versions. EPSS data not available, but CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) indicates high availability impact with low barrier to exploitation.

Denial Of Service PostgreSQL Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-42570 HIGH PATCH GHSA This Week

Excessive memory allocation in devalue.parse (npm package) allows remote attackers to exhaust process memory via crafted sparse array payloads. Affects versions 5.6.3 through 5.8.0. Exploits JavaScript engine behavior where declaring large array lengths triggers eager memory allocation in V8, enabling denial-of-service with minimal payload size. Vendor-released patch 5.8.1 forces sparse allocation by touching MAX_ARRAY_INDEX before setting length. No active exploitation confirmed (not in CISA KEV), but publicly available exploit code exists in security advisory test cases.

Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-14870 HIGH PATCH This Week

Denial of service in GitLab Community and Enterprise Editions (versions 18.5 through 18.11.2) allows remote unauthenticated attackers to exhaust resources by submitting specially crafted JSON payloads that bypass input validation. The flaw is network-reachable with low complexity and no authentication required, but only impacts availability (CVSS 7.5, A:H). No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.04% (11th percentile), though CISA SSVC flags the issue as automatable.

Denial Of Service Gitlab
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-45398 HIGH PATCH GHSA This Week

Insecure Direct Object Reference (IDOR) in Open WebUI's retrieval API allows authenticated users to bypass knowledge base access controls and directly access, modify, or delete other users' private knowledge bases by supplying the target UUID as a collection name. The authorization gap affects seven endpoints: two read endpoints (/query/doc, /query/collection) permit exfiltration of private knowledge base content, while five write endpoints (/process/text, /process/file, /process/files/batch, /process/web, /process/youtube) enable content injection, poisoning, or complete data destruction via overwrite. Affects Open WebUI <= 0.9.4; fixed in v0.9.5 via PR #22109. EPSS data not available; no confirmed active exploitation (CVSS 7.5 reflects AC:H due to UUID prerequisite, but UUIDs leak through multiple channels per researcher analysis).

Authentication Bypass Python Docker
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-1659 HIGH PATCH This Week

Denial of service in GitLab CE/EE allows unauthenticated remote attackers to disrupt service availability by sending specially crafted requests that exploit insufficient input validation. Affected versions span 9.0 through 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 across both Community and Enterprise editions, with no public exploit identified at time of analysis and a low EPSS score (0.04%) indicating limited near-term exploitation likelihood despite the network-reachable attack surface.

Denial Of Service Gitlab
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8585 HIGH PATCH This Week

Out-of-bounds memory read in Google Chrome on iOS versions before 148.0.7778.168 enables remote attackers to access sensitive memory contents through a compromised renderer process. The vulnerability requires user interaction to visit a malicious webpage and exploitation of a prior renderer compromise. With EPSS at 0.03% and no known active exploitation, this represents a moderate risk primarily in targeted attack chains.

Google Information Disclosure Apple Suse Chrome
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8521 HIGH PATCH This Week

Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-14869 HIGH PATCH This Week

Denial of service in GitLab Community and Enterprise Edition versions 18.5 through 18.11.2 allows unauthenticated remote attackers to disrupt service availability by sending specially crafted payloads to certain API endpoints. The flaw maps to CWE-1284 (improper validation of specified quantity in input) and has been patched in 18.9.7, 18.10.6, and 18.11.3. No public exploit identified at time of analysis and EPSS probability is very low (0.03%, 9th percentile), but the SSVC framework flags the attack as automatable with partial technical impact.

Denial Of Service Gitlab
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-68420 HIGH PATCH This Week

Memory dump attacks against Comarch ERP Optima client expose hardcoded high-privilege database credentials, allowing local attackers with process control to bypass application-level access controls and gain direct database access with elevated privileges. Exploitation requires a configured client installation but no user login, creating persistent risk on shared workstations. CERT-PL publicly disclosed this credential management flaw (CWE-266) with patch available in version 2026.4, though no active exploitation or public POC has been confirmed.

Information Disclosure Erp Optima
NVD
CVSS 4.0
7.5
EPSS
0.0%
CVE-2026-46419 HIGH PATCH This Week

Authentication bypass in Yubico java-webauthn-server (webauthn-server-core) 2.8.0 through 2.8.1 allows an attacker holding any valid registered credential to impersonate other users during the second-factor flow. The flaw stems from an unchecked return value in finishAssertion that accepts a successful authentication result even when the authenticated credential belongs to a different user than the one named in StartAssertionOptions.username. No public exploit identified at time of analysis, and EPSS is very low (0.01%), but CISA SSVC rates the technical impact as total.

Information Disclosure Webauthn Server Core
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-43977 HIGH GHSA This Week

Insecure Direct Object Reference in wger fitness platform exposes any authenticated user's complete workout history, session notes, and training statistics through template routine API endpoints. Attackers with free accounts enumerate public template routine IDs and retrieve owners' private health data including workout notes, weights, repetitions, and performance metrics via /api/v2/routine/{id}/logs/ and /api/v2/routine/{id}/stats/ endpoints. Detailed proof-of-concept with Python exploit confirms trivial exploitation against wger <= 2.5.0a2. CVSS 7.5 rates this High severity, but NOTE: vector PR:N appears inconsistent with authenticated-only access described - attackers need valid credentials, suggesting actual vector should be PR:L. EPSS data not available. No CVE KEV listing or public exploit repositories identified beyond GitHub advisory disclosure. Patch status unconfirmed - GitHub advisory references fix commit but no released version number provided in available data.

Authentication Bypass Python Information Disclosure
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-4029 HIGH This Week

Unauthenticated attackers can export complete database tables from WordPress Multisite installations running Database Backup for WordPress plugin ≤2.5.2, exposing credentials, user data, and site content. The vulnerability stems from improper enforcement of authorization check return values, bypassing security controls. Exploitation is limited to legacy WordPress Multisite environments using the deprecated is_site_admin() function. CVSS 7.5 (High) with network attack vector and no authentication required. No CISA KEV listing indicates limited widespread exploitation, though the unauthenticated remote access vector presents significant risk for affected configurations.

Authentication Bypass Information Disclosure WordPress
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-4031 HIGH This Week

Authorization bypass in Database Backup for WordPress plugin (≤2.5.2) enables unauthenticated attackers to redirect scheduled backup files to publicly accessible directories and retrieve them before cleanup. By poisoning the wp_db_temp_dir parameter via wp-cron.php, attackers can intercept database backups containing credentials, password hashes, and PII. Backup filenames follow predictable patterns (database name, table prefix, date, Swatch Internet Time), making interception reliable. Exploitation requires administrator-configured scheduled backups but no authentication or user interaction (CVSS AV:N/AC:L/PR:N/UI:N). EPSS and KEV data not provided; Wordfence-reported vulnerability with publicly accessible source code references enabling attack reproduction.

Authentication Bypass PHP Information Disclosure WordPress
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-45314 HIGH PATCH GHSA This Week

Stored cross-site scripting in Open WebUI versions 0.9.2 and earlier allows authenticated low-privileged users to persist malicious SVG payloads through the channel webhook profile_image_url field, which the server later serves verbatim as image/svg+xml. Any verified user who loads the resulting profile image URL executes attacker-controlled JavaScript in the application origin, enabling session theft and account takeover. Publicly available exploit code exists in the form of a working Python PoC published in the GHSA advisory; no public exploit identified at time of analysis as actively used in the wild.

XSS
NVD GitHub VulDB
CVSS 4.0
7.4
EPSS
0.0%
CVE-2026-45310 HIGH PATCH GHSA This Week

HTTP redirect bypass in DeepSeek TUI's fetch_url tool allows Server-Side Request Forgery (SSRF) against cloud metadata endpoints and internal services. The tool validates only the initial URL against restricted IP blocklists but automatically follows up to 5 HTTP redirects without re-validation, enabling attackers to exfiltrate AWS/GCP/Azure IAM credentials and instance metadata via prompt injection attacks. Vendor-released patch available in version 0.8.22. No active exploitation confirmed (not in CISA KEV), but detailed proof-of-concept exists in public advisory demonstrating successful bypass of SSRF protections.

SSRF Microsoft
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-45373 HIGH PATCH GHSA This Week

Server-Side Request Forgery in DeepSeek-TUI's fetch_url tool allows remote attackers to bypass IPv6 SSRF protections and access local restricted resources. The vulnerability exists in versions prior to 0.8.26 where supplying IPv6 addresses in bracket notation (http://[::1]) circumvents hostname-based validation that only checks resolved addresses, not literal IPv6 URLs. Public exploit code exists with a working proof-of-concept requiring only user interaction to trigger via a malicious prompt. CVSS score of 7.4 reflects high confidentiality impact with scope change, though EPSS data is not available for this recently disclosed vulnerability.

SSRF
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-3290 HIGH PATCH This Week

Hardware random number generator (HRNG) in Silicon Labs RS9116 SDK versions up to 2.13.1 produces predictable cryptographic values when the wireless module operates in power save mode, enabling adjacent attackers with user interaction to compromise encrypted communications and authentication mechanisms. Vendor patch available via GitHub; no active exploitation confirmed but cryptographic weakness poses high risk to WiFi/Bluetooth IoT deployments relying on the affected module's entropy source.

Information Disclosure Rs9116 Sdk
NVD GitHub
CVSS 4.0
7.4
EPSS
0.0%
CVE-2026-44636 HIGH PATCH This Week

Heap buffer overflow in libsixel 1.8.7-r1 and earlier allows local attackers to execute arbitrary code or crash the application when encoding images with dimensions exceeding 2.15 billion pixels. The sixel_encode_highcolor function contains a signed integer overflow in allocation size calculation that wraps to a small value, causing malloc to succeed with an undersized buffer that the encoder subsequently overflows. Fixed in version 1.8.7-r2. No CISA KEV listing or public exploit code identified at time of analysis, with EPSS exploitation probability presumably low given the highly specific triggering conditions.

Heap Overflow Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-24712 HIGH This Week

Command injection in CFEngine Enterprise and Community editions before versions 3.21.8, 3.24.3, and 3.27.0 enables remote unauthenticated attackers to execute arbitrary commands on the system. The vulnerability has an EPSS score of 0.15% indicating relatively low exploitation probability, and no public exploit identified at time of analysis. SSVC framework rates this as automatable with total technical impact, suggesting high potential severity if exploited.

Command Injection
NVD VulDB
CVSS 3.1
7.3
EPSS
0.2%
CVE-2026-45011 HIGH GHSA This Week

Stored cross-site scripting in ApostropheCMS 4.29.0 allows authenticated editors to inject arbitrary JavaScript via image widget URL fields, affecting administrators and public visitors. The vulnerability permits execution of malicious payloads when victims click crafted image links on published pages. No vendor-released patch identified at time of analysis, and CVSS 7.3 (High) reflects the authenticated nature and required user interaction, though impact on administrator sessions elevates real-world risk.

XSS
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-3718 HIGH This Week

Stored cross-site scripting in the ManageWP Worker WordPress plugin (versions ≤ 4.9.31) allows unauthenticated remote attackers to inject arbitrary JavaScript via a crafted 'MWP-Key-Name' HTTP request header, which executes when an administrator later visits the plugin's connection management page with debug parameters. No public exploit identified at time of analysis, and the EPSS score is very low (0.07%, 22nd percentile), but the unauthenticated network attack vector and changed scope (S:C) keep this relevant for any site using the plugin.

XSS WordPress Managewp Worker
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-45395 HIGH PATCH GHSA This Week

Privilege escalation in Open WebUI allows authenticated users with 'write' access grants on tools to execute arbitrary server-side Python code without the required workspace.tools permission. The tool update endpoint (POST /api/v1/tools/id/{id}/update) fails to enforce the workspace.tools authorization check that gates code execution, allowing users explicitly denied code execution capabilities to bypass this security boundary. This breaks Open WebUI's documented trust model where workspace.tools permission is intentionally disabled by default and 'equivalent to giving them shell access to the server.' Exploitation achieves root code execution (PID 1) in default Docker deployments, enabling extraction of secrets (WEBUI_SECRET_KEY, API keys), database access, and filesystem read/write. Confirmed by GitHub security advisory GHSA-p4fx-23fq-jfg6. No public exploit or KEV listing at time of analysis, but detailed proof-of-concept with Burp Collaborator confirmation exists in the advisory.

Microsoft Python RCE Privilege Escalation Docker
NVD GitHub
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-6476 HIGH PATCH This Week

SQL injection in PostgreSQL's pg_createsubscriber utility escalates privileges from pg_create_subscription to superuser, enabling arbitrary SQL execution. Affects PostgreSQL versions 17.0-17.9 and 18.0-18.3; exploitation requires high-privilege access (pg_create_subscription rights) but occurs remotely without additional complexity. Attack triggers when pg_createsubscriber next executes. Fixed in PostgreSQL 18.4 and 17.10. No CISA KEV listing or public exploit identified at time of analysis, but the technical simplicity (AC:L) and privilege escalation nature present moderate risk for multi-tenant or hosted PostgreSQL environments where subscription management permissions are delegated.

PostgreSQL SQLi Suse
NVD VulDB
CVSS 3.1
7.2
EPSS
0.0%
CVE-2026-45350 HIGH PATCH GHSA This Week

Low-privileged authenticated users in Open WebUI <=0.8.5 can invoke admin-restricted external tools (MCP servers, GitHub integrations, etc.) via the chat completion API by supplying arbitrary tool_ids or tool_servers parameters. Exploited tools execute with server-stored credentials, enabling unauthorized data access or actions through third-party integrations. Publicly available exploit code exists (PoC in GitHub advisory GHSA-4pcg-253r-rf9w). EPSS data not provided; CVSS 7.1 indicates network-accessible authenticated exploitation with high confidentiality impact. Vendor-released patches: v0.7.0 (partial, local tools) and v0.8.6 (complete fix for MCP servers). Users on >=0.8.6 are not affected.

Authentication Bypass
NVD GitHub
CVSS 3.1
7.1
EPSS
0.1%
CVE-2026-44647 HIGH PATCH This Week

Path traversal in OneDev Git server allows authenticated users with repository push permissions to read arbitrary files accessible to the server process. The vulnerability exploits improper validation of repository-controlled LFS (Large File Storage) metadata to break expected path boundaries, enabling file reads outside intended repository storage. A vendor-released patch is available in version 15.0.2. CVSS 7.1 reflects high confidentiality impact via network-based attack with low complexity requiring only low-privilege authentication.

Path Traversal
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-44678 HIGH This Week

Unauthorized deletion of preview resources in Tuist API allows authenticated attackers to delete arbitrary project previews regardless of ownership. An attacker with valid credentials can manipulate the DELETE endpoint's URL path to pass authorization checks against a project they control, while supplying any preview UUID to delete resources belonging to other users' projects. No public exploit code identified at time of analysis, but exploitation requires only low-complexity API manipulation with standard HTTP tools.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-41935 HIGH PATCH This Week

Infinite recursion in Vvveb admin controller exhausts PHP memory through repeated permission checks when low-privilege users access forbidden admin URLs. Sustained requests deplete worker memory causing site-wide denial of service. Fixed in version 1.0.8.3 via commit c766e84b which removes Base class inheritance from Error403 controller to break the dispatch cycle. No evidence of active exploitation but trivial to reproduce with authenticated low-privilege account.

Denial Of Service PHP Information Disclosure
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-45399 HIGH PATCH GHSA This Week

Broken object-level authorization in Open WebUI allows any authenticated low-privilege user to enumerate and terminate background tasks belonging to other users via GET /api/tasks and POST /api/tasks/stop/{task_id}. Attackers can disrupt system-wide chat generation and background processing by continuously canceling active tasks across the multi-user instance. Publicly available exploit code exists. Vendor-released patch in v0.9.0 restricts global task endpoints to admin-only and introduces a scoped /api/tasks/chat/{chat_id}/stop endpoint for legitimate user-owned task termination. CVSS 7.1 (AV:N/AC:L/PR:L/UI:N) reflects network-accessible, low-complexity exploitation requiring only authenticated low-privilege access, with high availability impact and low confidentiality impact from task enumeration.

Authentication Bypass Redis Privilege Escalation Python
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-42847 HIGH PATCH This Week

SQL injection in ClipBucket v5's admin panel allows authenticated administrators to exfiltrate database contents via the action_logs.php endpoint. The type parameter is directly concatenated into SQL queries without parameterization, enabling UNION-based attacks to extract sensitive data including user credentials, video metadata, and system configuration. Affects all versions prior to 5.5.3 - #122. No active exploitation confirmed (not in CISA KEV), but the technical barrier is low given the straightforward injection point and admin access requirement.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-45349 HIGH PATCH GHSA This Week

Broken access control in Open WebUI's `/api/chat/completions` endpoint allows any authenticated user to read and continue other users' private conversations by supplying a known Chat ID. The API fails to verify chat ownership before granting access, exposing sensitive conversation data across multi-user deployments with shared AI models. Fixed in v0.9.0 via commit cf4218e68, which enforces ownership validation through `Chats.is_chat_owner()` checks. Exploitation requires low-privilege authentication (PR:L) and network access (AV:N), but no user interaction (UI:N) or special configuration-any default multi-user instance with shared pipelines is vulnerable. CVSS 7.1 (High) reflects network-accessible confidentiality breach (C:H) with limited integrity impact (I:L). No public exploit identified at time of analysis, but proof-of-concept published in GitHub advisory GHSA-gfm2-xm6c-37qc demonstrates trivial exploitation via legitimate API key usage.

Authentication Bypass
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-46446 HIGH PATCH This Week

SQL injection in SOGo versions prior to 5.12.7 allows authenticated users to inject arbitrary SQL when changing their password, provided the deployment uses PostgreSQL or MariaDB as the user backend and stores cleartext passwords. The flaw resides in the changePasswordForLogin routine where the new password value is interpolated directly into an UPDATE statement (c_password = '%@'). No public exploit identified at time of analysis, EPSS is very low (0.03%), and SSVC marks exploitation as 'none' - but the patched upstream code (PR #379, fixed in 5.12.7) confirms the vulnerability.

SQLi PostgreSQL Sogo
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-46445 HIGH PATCH This Week

SQL injection in Alinto SOGo versions prior to 5.12.7 allows authenticated remote attackers to manipulate database queries when the groupware is deployed against a PostgreSQL backend. The flaw stems from improper quoting in the SQLSource authentication and contact-lookup paths, which an attacker can leverage to read or modify data with high confidentiality and integrity impact. No public exploit identified at time of analysis and EPSS is very low (0.03%), but a vendor patch and upstream code fix are available.

SQLi PostgreSQL Sogo
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-43905 HIGH PATCH This Week

Heap overflow in OpenImageIO's JPEG 2000 decoder allows local attackers with malicious image files to execute arbitrary code. Affects versions before 3.0.18.0 and 3.1.x before 3.1.13.0 when compiled with USE_OPENJPH flag. Integer overflow in buffer size calculation causes undersized heap allocation, leading to memory corruption during pixel writes. No public exploit identified at time of analysis, but SSVC framework indicates POC exists. Vendor-released patches available in versions 3.0.18.0 and 3.1.13.0.

Integer Overflow Buffer Overflow Suse
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-44637 HIGH PATCH This Week

Heap buffer overflow in libsixel versions up to 1.8.7-r1 enables local attackers to corrupt memory and potentially execute code by supplying maliciously crafted SIXEL image data. A signed integer overflow in the SIXEL parser's buffer resizing logic bypasses allocation size checks, allowing out-of-bounds writes with attacker-controlled offsets. The vulnerability requires user interaction to process a malicious SIXEL file but does not require authentication. Fixed in version 1.8.7-r2. No active exploitation confirmed (not in CISA KEV); public exploit code status unknown.

Integer Overflow Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-5798 HIGH This Week

Insecure Direct Object Reference (IDOR) in Stel Order v3.25.1 and earlier allows authenticated attackers with low privileges to access confidential employee information across the organization by manipulating the 'employeeID' parameter in requests to the '/app/FrontController' endpoint. Attackers can enumerate and retrieve personal data including names, roles, job titles, and vacation records for any employee regardless of authorization level. EPSS data not available; no confirmed active exploitation (not in CISA KEV). CVSS 7.1 reflects high confidentiality impact but requires authentication, limiting immediate exposure to insider threats or compromised accounts.

Authentication Bypass Stel Order
NVD
CVSS 4.0
7.1
EPSS
0.0%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy