Skip to main content
CVE-2026-46383 MEDIUM POC PATCH GHSA This Month

Archive extraction boundary failure in Microsoft APM's legacy-bundle probe allows local attackers to overwrite arbitrary files on Windows systems running Python 3.10 or 3.11. When users run 'apm install' on a malicious .tar.gz file, untrusted tar members bypass path validation, enabling absolute path writes (e.g., D:/...) that compromise system integrity. Fixed in version 0.13.0. No active exploitation confirmed at time of analysis, but the local attack vector with user interaction required (CVSS AV:L/UI:R) limits real-world risk to social engineering scenarios targeting AI agent developers on Windows platforms.

Path Traversal Python Microsoft
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-47958 MEDIUM POC This Month

CouchCMS 2.2.1 contains a server-side request forgery vulnerability that allows authenticated attackers to make arbitrary HTTP requests by uploading malicious SVG files. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SSRF
NVD Exploit-DB GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2021-47967 MEDIUM POC This Month

PHP Timeclock 1.04 contains multiple cross-site scripting vulnerabilities that allow unauthenticated attackers to inject arbitrary JavaScript by manipulating URL paths and POST parameters. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS
NVD Exploit-DB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2021-47968 MEDIUM POC PATCH This Month

Podcast Generator 3.1 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unfiltered JavaScript code in the. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Podcast Generator
NVD Exploit-DB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2021-47962 MEDIUM POC This Month

Savsoft Quiz 5.0 contains a persistent cross-site scripting vulnerability in the user account settings page that allows authenticated attackers to inject malicious HTML and JavaScript code. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Savsoft Quiz
NVD Exploit-DB GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2021-47963 MEDIUM POC This Month

Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to execute arbitrary code by injecting malicious payloads into markdown files stored within the application. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE Anote
NVD Exploit-DB GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-48513 MEDIUM This Month

Uninitialized kernel memory within AMD's Platform Management Framework (PMF) can be read by local authenticated attackers, resulting in information disclosure or availability impact. This affects AMD Ryzen processors across multiple generations (6000, 7035, 7040, 8040 series and Z1/Embedded 8000) where PMF is present. The vulnerability requires local access and authenticated user privileges but does not require user interaction, making it exploitable by any local user with login credentials.

Amd Information Disclosure
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-48520 MEDIUM This Month

Improper input validation in the AMD Platform Management Framework (PMF) driver allows local authenticated attackers to read out-of-bounds memory, resulting in information disclosure or denial of service. The vulnerability affects multiple Ryzen processor families (7035, 7040, 8040, 6000 series, and Embedded 8000) and requires local access with limited privileges to exploit.

Information Disclosure Buffer Overflow Amd
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-0045 MEDIUM This Month

Buffer overflow in the AMD Secure Processor (ASP) PCI driver affects dozens of AMD Ryzen, EPYC, and Threadripper processor families across desktop, mobile, and embedded variants. Local attackers with user-level privileges can trigger improper input validation in the driver to cause a crash or denial of service, with potential for integrity impact. The vulnerability requires local access and authenticated user privileges; no active exploitation in the wild has been confirmed, and vendor-released patches are available.

Denial Of Service Amd Buffer Overflow
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-48521 MEDIUM This Month

Use-After-Free vulnerability in the AMD Secure Processor (ASP) PCI driver affects multiple Ryzen, Threadripper, EPYC, and Athlon processor families due to improper input validation. A local attacker with user-level privileges can trigger the UAF condition, resulting in denial of service via platform crash or potential loss of platform integrity. Vendor-released patch: AMD Ryzen Chipset Driver 7.02.13.148 (or equivalent Catalyst driver versions for embedded SKUs). No public exploit identified at time of analysis.

Denial Of Service Amd Use After Free Memory Corruption
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2025-48516 MEDIUM This Month

DDR5 memory modules in multiple AMD Ryzen processor families contain an insecure default PMIC (Power Management Integrated Circuit) interface configuration that allows local users with standard privileges to cause permanent denial of service or corrupt memory module integrity via unprotected firmware access. The vulnerability affects Ryzen 4000, 7000, 7020, 7030, 7035, 7040, 7045 series processors and Threadripper Pro 3000 WX-series, requiring local system access but no special privileges or user interaction. No public exploit code or active exploitation has been confirmed at time of analysis.

Privilege Escalation Denial Of Service Amd Ryzen 4000 Series Mobile Processors With Radeon Graphics Amd Ryzen 7035 Series Processors With Radeon Graphics Amd Athlon 3000 Series Mobile Processors With Radeon Graphics +30
NVD
CVSS 4.0
6.9
EPSS
0.0%
CVE-2024-36332 MEDIUM This Month

Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine (VM) to perform unauthorized access to specific victim range of GPU MMIO register. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Authentication Bypass Amd Radeon Pro V710
NVD
CVSS 4.0
6.8
EPSS
0.0%
CVE-2025-29944 MEDIUM This Month

Buffer overflow in AMD Sensor Fusion Hub Driver allows local authenticated attackers to write out of bounds, causing denial of service or system crash. The vulnerability affects multiple Ryzen processor families (4000, 5000, 7000, 7020, 7030, 7035, 7040 series and Ryzen AI 300 series) with Radeon integrated graphics across Windows mobile and desktop platforms. No active exploitation has been confirmed at time of analysis.

Denial Of Service Amd Buffer Overflow
NVD
CVSS 4.0
6.8
EPSS
0.0%
CVE-2023-31309 MEDIUM This Month

Improper validation in Power Management Firmware (PMFW) may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Amd Radeon Rx 6000 Series Graphics Products Amd Radeon Pro W6000 Series Graphics Products Amd Radeon Pro V520 Amd Radeon Pro V620
NVD
CVSS 4.0
6.8
EPSS
0.0%
CVE-2026-41970 MEDIUM This Month

Out-of-bounds write in Huawei HarmonyOS and EMUI distributed file system module allows authenticated local attackers to corrupt memory, potentially affecting system availability and integrity. CVSS 6.8 reflects adjacent network access requirement and low attack complexity, but exploitation requires prior authentication and local network presence. No public exploit code or active exploitation confirmed at time of analysis.

Memory Corruption Buffer Overflow Emui
NVD VulDB
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-4683 MEDIUM This Month

Unauthenticated attackers can modify Smartcat API credentials in the Smartcat Translator for WPML plugin through a missing capability check on the 'routeData' REST endpoint, allowing hijacking of translation services or denial of service. All versions through 3.1.77 are affected. The vulnerability requires only network access and no user interaction, making it remotely exploitable by any unauthenticated actor against default WordPress configurations running the vulnerable plugin.

Authentication Bypass Denial Of Service WordPress
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-39053 MEDIUM This Month

XML External Entity (XXE) injection in Oinone Pamirs 7.0.0 allows remote unauthenticated attackers to disclose local files or perform Server-Side Request Forgery (SSRF) attacks via malicious XML input to unsafe XStream parsing entry points (PamirsXmlUtils.fromXML, ViewXmlUtils.fromXML). The vulnerability has network attack vector with low complexity (CVSS:3.1 AV:N/AC:L/PR:N) and is automatable per SSVC framework, though no active exploitation or public POC has been confirmed at time of analysis. EPSS data not available; CISA KEV status: not listed.

XXE SSRF
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-39052 MEDIUM This Month

Remote attackers can execute arbitrary code on Oinone Pamirs 7.0.0 servers by sending malicious script expressions to the ScriptRunner.run() method, which evaluates untrusted input without sandboxing. The CVSS vector (AV:N/AC:L/PR:N/UI:N) confirms this is remotely exploitable without authentication against default configurations. No public exploit identified at time of analysis, but SSVC marks this as automatable with partial technical impact. EPSS data unavailable. The vulnerability enables both information disclosure (C:L) and integrity compromise (I:L) according to CVSS, creating a pathway for initial access and potential privilege escalation.

RCE Code Injection
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-45619 MEDIUM GHSA This Month

Time-of-check-time-of-use DNS rebinding in AVideo <= 29.0 allows remote unauthenticated attackers to bypass Server-Side Request Forgery (SSRF) protections and exfiltrate sensitive data from internal networks. The partial fix for CVE-2026-43884 in commit 603e7bf addressed only two call sites but left six or more locations discarding the DNS-pinning mechanism via CURLOPT_RESOLVE, enabling attackers to race DNS resolution between validation and HTTP request execution. No vendor-released patch identified at time of analysis. EPSS data not available for this CVE.

Information Disclosure PHP
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-67437 MEDIUM This Month

Medical Management System a81df1ce700a9662cb136b27af47f4cbde64156b is vulnerable to Insecure Permissions, which allows arbitrary user password reset.

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-8503 MEDIUM PATCH This Month

Weak session ID generation in Apache::Session::Generate::SHA256 for Perl allows session prediction and hijacking. All versions before 1.3.19 derive session identifiers from low-entropy sources (time, PID, rand, stringified hash ref), enabling remote unauthenticated attackers to predict valid session IDs and gain unauthorized access. EPSS score is low (0.02%, 5th percentile) and no public exploit identified at time of analysis, but CVSS 6.5 with network vector (AV:N/AC:L/PR:N) indicates exploitability against internet-facing systems. Vendor-released patch 1.3.19 replaces predictable hash with Crypt::URandom cryptographically secure source. Similar scope to CVE-2025-40931 for MD5 variant.

Apache Information Disclosure Suse
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-8669 MEDIUM PATCH This Month

Heap buffer overflow in Imager for Perl versions through 1.030 allows remote attackers to corrupt memory and potentially read limited data via specially crafted multi-frame GIF files. The vulnerability stems from missing bounds validation in the skip-image code path of i_readgif_multi_low(), which reuses a fixed-size buffer allocated for the GIF's global screen width without checking if subsequent image frames exceed these dimensions. Vendor-released patch available in version 1.031. CVSS 6.5 indicates network-accessible exploitation requiring no authentication or user interaction, though the impact is limited to low confidentiality/integrity with no availability disruption. No public exploit identified at time of analysis.

Buffer Overflow Memory Corruption Imager
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-8704 MEDIUM This Month

File overwrite and information disclosure in Crypt::DSA through version 1.19 for Perl expose systems where user-controlled input reaches the library's key handling routines. The root cause is use of Perl's 2-argument open() form in lib/Crypt/DSA/Key.pm, which interprets leading or trailing special characters in filenames as I/O mode specifiers, enabling reads from or writes to arbitrary files. CVSS rates this AV:N/AC:L/PR:N/UI:N (Medium, 6.5), though actual exposure depends on application-level code paths; EPSS is 0.01% and this CVE is not in CISA KEV, indicating no public exploit identified at time of analysis.

Path Traversal Information Disclosure Crypt
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-6646 MEDIUM This Month

Stored Cross-Site Scripting (XSS) in The7 WordPress theme versions up to 14.3.2 allows authenticated attackers with Contributor-level access to inject arbitrary JavaScript via the 'title' parameter of the 'dt_default_button' shortcode. The injected scripts execute in the context of any user who views the affected page, enabling session hijacking, credential theft, or malware distribution. No public exploit code has been identified at time of analysis.

XSS WordPress
NVD VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2026-6415 MEDIUM This Month

Stored Cross-Site Scripting in Advanced Custom Fields: Font Awesome plugin for WordPress up to version 5.0.2 allows authenticated attackers with Subscriber-level access to inject arbitrary JavaScript via insufficiently validated JSON field values in the update_preview() function, resulting in script execution whenever any user visits an affected page. The vulnerability requires user interaction only in the sense that a victim must visit a page containing injected content; the attacker needs only Subscriber-level authentication to craft the malicious payload.

XSS WordPress Advanced Custom Fields
NVD VulDB
CVSS 3.1
6.4
EPSS
0.0%
CVE-2025-67031 MEDIUM This Month

Authenticated remote code execution in ORSEE 3.1.0 allows low-privileged users to execute arbitrary PHP code on the server by submitting participant profile field values prefixed with 'func:', which are passed unsanitized into eval() calls within tagsets/participant.php and tagsets/options.php. Only version 3.1.0 is confirmed affected; ORSEE is a niche academic tool used in economic research labs, limiting broad attack surface but making unpatched deployments attractive targets for insider threat or compromised-credential scenarios. No public exploit identified at time of analysis beyond a published proof-of-concept writeup on Medium, and EPSS sits at 0.06% (18th percentile), reflecting the narrow deployment footprint.

RCE PHP Code Injection
NVD GitHub VulDB
CVSS 3.1
6.3
EPSS
0.1%
CVE-2026-41969 MEDIUM This Month

A permission control vulnerability in the projection module of Huawei HarmonyOS and EMUI allows local attackers with physical access to bypass authorization checks and disclose sensitive information. The flaw affects confidentiality through improper permission enforcement in a physical-access attack vector requiring user interaction. No active exploitation has been confirmed, and patch availability has not been independently verified from the provided reference.

Information Disclosure Emui
NVD
CVSS 3.1
6.2
EPSS
0.0%
CVE-2025-65954 MEDIUM PATCH GHSA This Month

Open redirect in SimpleSAMLphp casserver module allows remote attackers to redirect authenticated users to arbitrary external domains after logout. Versions prior to 6.3.1 and 7.0.0-rc1 through 7.0.0-rc2 are affected. The logout endpoint accepts an unchecked 'url' query parameter without validating it against configured service URLs, enabling phishing attacks that leverage the trusted SimpleSAML domain. Public exploit code exists (POC: YES). EPSS data not available, but exploitation requires only user interaction (no authentication), making this readily exploitable in phishing campaigns targeting SSO users.

Google Open Redirect Docker PHP
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-44366 MEDIUM PATCH This Month

Stored Cross-Site Scripting in Vvveb CMS comment submission allows unauthenticated attackers to inject malicious JavaScript through the author field on public post pages. The payload persists in the database and executes in two distinct contexts when administrators or other users view the comments, enabling session hijacking, credential theft, or administrative action manipulation. No public exploit code has been identified at time of analysis, though exploitation requires only user interaction (victim viewing the malicious comment). EPSS data not available; CVSS 6.1 reflects moderate severity with cross-site scope change.

XSS Vvveb
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-41968 MEDIUM This Month

A permission control vulnerability in HarmonyOS's manufacturability design module allows local attackers without privileges to read, modify, and degrade system availability through improper access controls. The vulnerability affects HarmonyOS across multiple versions and has a CVSS score of 5.9 (medium severity), with confirmed impacts on confidentiality, integrity, and availability despite the description emphasizing availability impact alone.

Information Disclosure
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-41967 MEDIUM This Month

HarmonyOS manufacturability design module contains a permission control vulnerability (CWE-840) that allows local attackers without privileges to read sensitive information and modify system state on affected devices. The vulnerability has a CVSS score of 5.9 with local attack vector and low complexity, affecting confidentiality, integrity, and availability. Patch status and active exploitation status are not confirmed from available vendor advisory data.

Information Disclosure
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-41961 MEDIUM This Month

A permission control vulnerability in HarmonyOS Contacts allows local attackers without special privileges to access sensitive contact information and affect availability of the contacts application. The vulnerability exists across HarmonyOS versions and can be exploited without user interaction, resulting in information disclosure and potential service disruption.

Information Disclosure
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-41960 MEDIUM This Month

A permission control vulnerability in Huawei HarmonyOS and EMUI allows remote attackers to disclose sensitive information and potentially degrade system availability through unauthenticated network access combined with user interaction. The vulnerability stems from insufficient permission validation in the calls application, enabling attackers to read confidential data (CWE-200: Information Exposure) across system boundaries when users are socially engineered into triggering the malicious action.

Information Disclosure Emui
NVD
CVSS 3.1
5.8
EPSS
0.0%
CVE-2025-29937 MEDIUM This Month

Out-of-bounds read in AMD Platform Management Framework (PMF) allows authenticated local attackers to read arbitrary memory locations, potentially disclosing sensitive information or causing availability loss on affected Ryzen processors. The vulnerability requires local access and low privileges but can be triggered without user interaction. AMD released a security bulletin (AMD-SB-4015) describing the issue; active exploitation status not confirmed at time of analysis.

Information Disclosure Buffer Overflow Amd
NVD
CVSS 4.0
5.8
EPSS
0.0%
CVE-2026-45610 MEDIUM GHSA This Month

Cross-site request forgery in AVideo's LoginControl plugin allows remote attackers to disable two-factor authentication for authenticated victims through a single malicious HTTP request. The vulnerability exists in plugin/LoginControl/set.json.php which accepts POST requests to toggle 2FA without CSRF token validation, origin verification, or re-authentication. Attackers deliver a weaponized webpage containing a hidden form that auto-submits to the vulnerable endpoint; when a logged-in AVideo administrator visits this page, their 2FA protection is silently stripped, enabling subsequent credential-based account takeover. The flaw is confirmed through GitHub security advisory GHSA-3mv2-vmwh-rwfx with source code evidence showing the endpoint performs only session authentication (User::isLogged()) while omitting the forbidIfIsUntrustedRequest() protection used throughout the rest of the codebase. No public exploit code identified at time of analysis, though the attack is trivial to weaponize given the detailed advisory.

Authentication Bypass Open Redirect CSRF XSS PHP
NVD GitHub
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-41966 MEDIUM This Month

Permission control vulnerability in Huawei HarmonyOS smart sensing service allows remote attackers to bypass access controls and disclose sensitive information with moderate complexity. The vulnerability affects service confidentiality and integrity across HarmonyOS versions, with CVSS 5.6 (AV:N/AC:H/PR:N/UI:N) indicating network-accessible exploitation requiring non-trivial conditions. No active exploitation in CISA KEV or public exploit code identified at time of analysis.

Information Disclosure
NVD
CVSS 3.1
5.6
EPSS
0.0%
CVE-2026-41965 MEDIUM This Month

Use-after-free vulnerability in Huawei HarmonyOS web components allows remote attackers to disclose sensitive information and cause limited integrity and availability impact. The vulnerability requires high attack complexity but can be triggered without authentication or user interaction over the network, affecting confidentiality, integrity, and availability with low severity (CVSS 5.6). No active exploitation has been publicly confirmed.

Information Disclosure
NVD
CVSS 3.1
5.6
EPSS
0.0%
CVE-2026-41971 MEDIUM This Month

Information disclosure in Huawei HarmonyOS security control module allows local attackers with user interaction to read sensitive data. The vulnerability stems from improper permission control in the security module, enabling unauthorized access to confidential information without requiring elevated privileges. CVSS 5.5 indicates moderate severity with local attack vector; no KEV status or public exploit confirmed at time of analysis.

Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-45580 MEDIUM GHSA This Month

Stored cross-site scripting in AVideo's Live plugin allows authenticated streamers to inject malicious JavaScript into live stream pages, executing in any visitor's browser context. The vulnerability exists in modeYoutubeLive.php where stream keys are rendered unescaped into HTML class attributes. Attackers with canStream privileges can persist event handlers via crafted stream keys that trigger when victims view the live page, enabling session hijacking, CSRF token theft, and potential admin account compromise. CVSS 5.4 reflects network-accessible exploitation requiring only low-privilege authentication and user interaction, with scope change indicating cross-user impact. No patch is currently available per GitHub advisory GHSA-m5j4-7r85-2cj2.

Mozilla CSRF XSS PHP
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-0438 MEDIUM This Month

System Management Mode (SMM) handler in AMD Ryzen mobile, desktop, embedded, Threadripper, and EPYC processors allows privileged local attackers to execute arbitrary code in SMM by triggering a callout to attacker-controlled code in untrusted non-SMM memory. The vulnerability requires high complexity conditions, active user interaction, physical proximity or direct system access, and high privilege level; successful exploitation compromises system confidentiality, integrity, and availability. No public exploit identified at time of analysis.

Information Disclosure Amd Ryzen 7040 Series Mobile Processors With Radeon Graphics Amd Ryzen 7045 Series Mobile Processors With Radeon Graphics Amd Ryzen 7000 Series Desktop Processors Amd Ryzen 9000Hx Series Processors +23
NVD VulDB
CVSS 4.0
5.4
EPSS
0.0%
CVE-2026-8612 MEDIUM PATCH This Month

Local privilege escalation in WWW::Mechanize::Cached for Perl (versions before 2.00) allows authenticated local attackers to inject malicious cached HTTP responses and achieve arbitrary code execution. The module creates world-writable cache directories under /tmp/FileCache with 0777 permissions, enabling any local user to replace cached responses that are deserialized via Storable::thaw. EPSS exploitation probability is low (0.05%, 16th percentile) and no active exploitation is confirmed at time of analysis. Vendor-released patch available in version 2.00 with upstream fix confirmed via GitHub commit b821647.

RCE Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-45622 MEDIUM PATCH This Month

Unauthenticated reflected cross-site scripting (XSS) in Vvveb CMS versions prior to 1.0.8.3 enables attackers to execute arbitrary JavaScript in victim browsers via the public product return form. The customer_order_id parameter is reflected without sanitization in error messages when order lookups fail, allowing HTML injection. No public exploit identified at time of analysis. While CVSS 5.3 indicates moderate severity, the unauthenticated attack vector (PR:N) and low complexity (AC:L) make this readily exploitable against any site visitor, though user interaction (UI:P) is required to submit the malicious form.

XSS Vvveb
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-44719 MEDIUM PATCH This Month

Authenticated users in Mathesar 0.2.0 through 0.9.x can access metadata for PostgreSQL databases where they lack collaborator privileges, due to missing authorization checks in four API methods (collaborators.list, tables.metadata.list, explorations.list, forms.list). Exposed data includes table schemas, saved explorations, form configurations, and critically, public form submission tokens that grant unauthorized database write access under the form's PostgreSQL role. Fixed in version 0.10.0. CVSS 5.3 (Medium) reflects network-accessible, low-complexity exploitation requiring only basic authentication. No public exploit code or active exploitation detected (EPSS data unavailable, not in CISA KEV).

Authentication Bypass PostgreSQL
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-44718 MEDIUM PATCH This Month

Broken access control in Mathesar 0.2.0 through 0.9.x allows authenticated users to read, modify, or delete saved explorations (database query definitions) in databases where they lack collaborator privileges. Exploitation requires only a valid user account and knowledge of an exploration ID - easily guessed or enumerated. Fixed in version 0.10.0. No public exploit identified at time of analysis, with EPSS data not available for this recently disclosed vulnerability.

Authentication Bypass PostgreSQL
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-54511 MEDIUM This Month

Improper privilege validation in AMD Secure Processor (ASP) allows authenticated local attackers to write data to restricted memory regions, compromising data integrity and potentially affecting system availability. The vulnerability affects AMD MI-25, MI250, MI210 accelerators and AMD Radeon Pro V520/V620 GPUs. No public exploit code has been identified, but the low attack complexity and authenticated network access vector indicate moderate real-world risk in data center and AI/ML environments where these devices are deployed.

Amd Information Disclosure
NVD VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-46365 MEDIUM PATCH This Month

{tagId} endpoint. The vulnerability affects versions before 4.1.2 and stems from missing authorization checks that allow any logged-in user, including regular frontend users, to permanently delete arbitrary tags using only a valid session cookie. While CVSS rates this 5.4 (Medium), the permanent data loss and FAQ organization disruption represent material operational impact. No active exploitation confirmed (not in CISA KEV), but publicly available exploit code exists per VulnCheck advisory and GitHub security advisory GHSA-7cx3-2qx2-3g6w, lowering exploitation barriers for authenticated attackers.

Authentication Bypass Phpmyfaq
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-45009 MEDIUM PATCH This Month

Authorization bypass in phpMyFAQ versions before 4.1.2 allows authenticated frontend users to access admin-only API endpoints and retrieve sensitive backend configuration data. The vulnerability stems from admin-api routes checking only login status (isLoggedIn) without verifying administrative privileges, enabling any valid user account to query dashboard versions, LDAP configuration details, Elasticsearch statistics, and health-check data. While this is an information disclosure issue rather than direct write access, it exposes internal infrastructure details useful for reconnaissance. The low CVSS score (4.3) reflects limited confidentiality impact, but defenders should prioritize remediation in environments where backend configuration exposure aids broader attack campaigns. Vendor patch available in version 4.1.2.

Authentication Bypass Elastic
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-0040 MEDIUM This Month

Improper access control between JTAG and AXI interfaces in AMD Ryzen 7040, 8000, 8040 mobile, and Embedded 8000 series processors allows attackers with physical access to read or modify cross-chip debug (XCD) registers, potentially compromising data integrity and confidentiality. The vulnerability requires physical proximity and specialized hardware capability but can bypass authentication mechanisms protecting debug interfaces. No public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass Amd Ryzen 7040 Series Mobile Processors With Radeon Graphics Amd Ryzen 8000 Series Desktop Processors Amd Ryzen 8040 Series Mobile Processors With Radeon Graphics Amd Ryzen Embedded 8000 Series Processors
NVD
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-8454 MEDIUM PATCH This Month

Heap buffer overflow in Imager::File::GIF (Perl image processing library) versions through 1.002 allows local attackers to corrupt memory via specially crafted multi-frame GIF files. The vulnerability stems from missing boundary validation in the skip-image code path, which writes image data beyond allocated buffer boundaries when processing malformed GIF frames. With EPSS score at 0.02% (5th percentile) and no evidence of active exploitation, this represents a low-probability supply chain risk for Perl applications processing untrusted GIF files. Patch released in version 1.003.

Buffer Overflow Memory Corruption Imager
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-45007 MEDIUM PATCH This Month

Insufficient authorization in phpMyFAQ 4.1.1 and earlier allows any authenticated user to enumerate sensitive system configuration metadata through 12 admin API endpoints. The ConfigurationTabController improperly uses userIsAuthenticated() instead of userHasPermission(CONFIGURATION_EDIT), enabling low-privilege users to query /admin/api/configuration endpoints and discover the permission model, active template, cache backend, mail provider, translation settings, and other deployment details that should require administrative access. This information disclosure violates least privilege principles and aids reconnaissance for subsequent attacks. EPSS data not available; no active exploitation confirmed at time of analysis. Vendor-released patch available in version 4.1.2.

Authentication Bypass PHP
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy