Skip to main content
CVE-2026-33233 HIGH PATCH This Week

Insecure deserialization in Significant-Gravitas AutoGPT platform versions 0.6.34 through 0.6.51 lets an attacker who can poison entries in the shared Redis cache achieve arbitrary command execution inside the backend container. The backend's read path invokes pickle.loads on cache bytes with no HMAC, signature, or schema gate, so any attacker-controlled value reaching that key becomes code on retrieval. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV; the vendor shipped a fix in autogpt-platform-beta-v0.6.52.

Deserialization Redis
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-46426 HIGH PATCH GHSA This Week

Stored cross-site scripting in Budibase self-hosted deployments (versions before 3.38.2) allows any authenticated user with Builder role - or any BASIC/POWER user with table WRITE permission - to upload SVG, HTML, or JavaScript files containing active content via the /api/attachments/process and /api/attachments/:tableId/upload endpoints. The files are stored in the configured object store (MinIO/S3) with their executable MIME types and served via signed URLs, so any end user viewing an attachment triggers script execution in their browser session. Publicly available exploit code exists (detailed PoC in the GHSA advisory); no public exploit identified in active campaigns at time of analysis.

Docker Redis CSRF File Upload XSS
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-7307 HIGH PATCH GHSA This Week

Denial of service in Red Hat build of Keycloak allows remote unauthenticated attackers to exhaust CPU and worker threads by submitting specially crafted XML payloads to the SAML endpoint. The flaw renders the identity provider unavailable, disrupting authentication for all downstream applications relying on it. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Denial Of Service Red Hat Build Of Keycloak
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-45793 HIGH PATCH GHSA This Week

Sensitive token disclosure in Composer (PHP dependency manager) versions prior to 1.10.28, 2.2.28, and 2.9.8 causes GitHub Actions GITHUB_TOKEN values to be written verbatim to stderr/CI logs whenever the token contains characters outside Composer's hardcoded validation regex. The new GitHub Actions token format (ghs_<id>_<base64url-JWT>) includes hyphens, which fail Composer's `^[.A-Za-z0-9_]+$` check and trigger an UnexpectedValueException that interpolates the raw token into its message. No public exploit identified at time of analysis, but the leak triggers automatically without unusual configuration on any pipeline using common actions like shivammathur/setup-php that auto-register GITHUB_TOKEN into Composer's auth.json.

Information Disclosure PHP
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-45783 HIGH PATCH GHSA This Week

Unauthenticated disk-exhaustion denial of service in @libp2p/kad-dht (versions before 16.2.6) allows any remote peer to fill the datastore of a DHT server-mode node by streaming PUT_VALUE messages with crafted keys that bypass record validation. Affected deployments include IPFS nodes (kubo, Helia), libp2p bootstrap nodes, and any application exposing a public DHT endpoint with clientMode disabled. Publicly available exploit code exists as a mocha PoC checked in alongside the package test suite; no public exploit identified as actively used at time of analysis.

Node.js RCE
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-33232 HIGH PATCH This Week

Unauthenticated denial-of-service in AutoGPT Platform versions 0.4.2 through 0.6.51 allows remote attackers to exhaust server disk space by repeatedly invoking the download_agent_file endpoint, which creates temporary files that are never cleaned up. Once disk capacity is consumed, the backend database and dependent services fail with 'No space left on device' errors, taking the entire platform offline for all users. No public exploit identified at time of analysis, but the trivial nature of the attack (simple repeated HTTP requests) makes it readily reproducible.

Denial Of Service Autogpt
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-8945 HIGH PATCH This Week

Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151.

Information Disclosure Mozilla Google
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-8968 HIGH PATCH This Week

Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.

Mozilla Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8949 HIGH PATCH This Week

Integer overflow in the Widget: Win32 component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.

Mozilla Buffer Overflow Integer Overflow Suse Red Hat
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-46374 HIGH PATCH GHSA This Week

Denial of service in SQLFluff parser (pip/sqlfluff) versions prior to 4.2.0 allows remote unauthenticated attackers to exhaust CPU and memory resources by submitting an excessively long or malicious SQL query for linting. The flaw affects any application that exposes the SQLFluff parser to untrusted input. No public exploit identified at time of analysis, but the issue was responsibly reported by Imperva Threat Research.

Denial Of Service
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-46373 HIGH PATCH GHSA This Week

Denial of service in SQLFluff (Python SQL linter/parser) below version 4.1.0 allows remote attackers to exhaust server resources by submitting SQL queries with deliberately excessive nesting, triggering uncontrolled recursion in the parser. The flaw (CWE-674) affects any application that accepts untrusted SQL input for linting and carries a CVSS 7.5 (AV:N/AC:L/PR:N/UI:N/A:H); no public exploit identified at time of analysis and EPSS data was not provided.

Denial Of Service
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8946 HIGH PATCH This Week

Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11.

Mozilla Buffer Overflow
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-7507 HIGH PATCH GHSA This Week

Session fixation in Keycloak's login-actions endpoints allows remote attackers to hijack authenticated sessions and take over accounts, including highly privileged administrative ones. Exploitation requires the victim to click an attacker-crafted link, after which an existing SSO session causes transparent authentication into the attacker-controlled flow. No public exploit identified at time of analysis, but Red Hat has confirmed the flaw in Red Hat Build of Keycloak.

CSRF Authentication Bypass Red Hat Build Of Keycloak
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8963 HIGH PATCH This Week

Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151.

Mozilla Authentication Bypass Suse Red Hat
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8960 HIGH PATCH This Week

Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.

Mozilla Authentication Bypass Suse Red Hat
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8964 HIGH PATCH This Week

Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151.

Information Disclosure Mozilla Suse Red Hat
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-31909 HIGH PATCH This Week

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

Information Disclosure Apache
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8967 HIGH PATCH This Week

Information disclosure in Mozilla Firefox's WebGPU graphics component allows remote attackers to access sensitive in-memory data from browser sessions via crafted web content rendered through the WebGPU API. The flaw affects Firefox versions prior to 151 and has been addressed by Mozilla in advisories MFSA2026-46 and MFSA2026-50. There is no public exploit identified at time of analysis, and EPSS scoring (0.02%, 4th percentile) indicates very low likelihood of near-term mass exploitation.

Information Disclosure Mozilla Suse Red Hat
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8966 HIGH PATCH This Week

Information disclosure in Mozilla Firefox versions prior to 151 affects the IP Protection component, allowing remote unauthenticated attackers to obtain sensitive information over the network without user interaction. The flaw carries a CVSS score of 7.5 driven entirely by confidentiality impact (C:H/I:N/A:N), and while no public exploit is identified at time of analysis, the very low EPSS score of 0.02% (4th percentile) suggests minimal active exploitation interest. Mozilla addressed the issue in Firefox 151 via security advisories MFSA2026-46 and MFSA2026-50.

Information Disclosure Mozilla Suse Red Hat
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8965 HIGH PATCH This Week

Information disclosure in Mozilla Firefox prior to version 151 allows remote attackers to leak sensitive data through a flaw in the DOM: Security component, exploitable without authentication or user interaction. The CVSS 7.5 rating reflects high confidentiality impact via network vector, though EPSS scoring at 0.02% (4th percentile) indicates very low predicted exploitation probability and no public exploit identified at time of analysis.

Information Disclosure Mozilla Suse Red Hat
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-31910 HIGH PATCH This Week

Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

Apache SSRF
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-45799 HIGH PATCH GHSA This Week

Denial of service in Square Wire protobuf library (com.squareup.wire:wire-runtime before 6.3.0) allows remote unauthenticated attackers to crash any service that decodes untrusted protobuf payloads by sending a 10-byte crafted message. The flaw stems from missing negative-length validation in skipGroup(), causing an unchecked ArrayIndexOutOfBoundsException to escape Wire's documented IOException boundary. No public exploit identified at time of analysis, though the GitHub advisory includes a full reproduction payload and Java PoC code.

Denial Of Service Java
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-8073 HIGH This Week

Arbitrary file read and deletion in the Kirki - Freeform Page Builder plugin for WordPress (versions through 6.0.6) allows unauthenticated remote attackers to read and delete files within the WordPress uploads base directory by abusing the 'downloadZIP' function. The flaw stems from insufficient path validation and a missing capability check, and was reported by Wordfence; no public exploit identified at time of analysis.

WordPress Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-33633 HIGH PATCH This Week

Heap buffer overflow in Kitty terminal versions 0.46.2 and below allows any process able to write to the terminal's standard input to crash the application and potentially achieve remote code execution. The flaw lives in load_image_data() and is triggered by a single APC graphics protocol command declaring PNG format (f=100) with a payload exceeding twice the initial buffer capacity, giving the attacker control over both overflow length and content. No public exploit identified at time of analysis, but the vulnerability has been fixed upstream in version 0.47.0.

Buffer Overflow Heap Overflow Kitty
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-45713 HIGH PATCH GHSA This Week

Unauthenticated remote denial-of-service in Mailpit versions prior to 1.30.0 allows network-reachable attackers to exhaust memory and disk by submitting arbitrarily large messages through the SMTP listener on port 1025 or the HTTP /api/v1/send endpoint on port 8025. The Server.MaxSize field exists but is never populated in production code, and the JSON decoder lacks http.MaxBytesReader, so a single connection delivering a 100 MiB DATA payload inflates RSS roughly tenfold (≈25 MiB → ≈1 GiB), and concurrent connections drive the process to OOM-kill. Publicly available exploit code exists (working SMTP and HTTP PoCs are included in the GHSA advisory), though no CISA KEV listing or EPSS score was supplied with this input.

Denial Of Service
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-45728 HIGH PATCH GHSA This Week

Information disclosure in Algernon web server versions 1.17.6 and earlier allows unauthenticated remote attackers to retrieve full server-side source code, including embedded secrets, by triggering runtime errors in Lua, Pongo2, Amber, or HTML template handlers. When Algernon is started with a single file path (e.g. `algernon page.po2`), single-file mode unconditionally forces debug mode on, activating the PrettyError renderer which returns absolute file paths and complete file contents in HTTP 200 responses. Crucially, the `--prod` hardening flag does not block this behavior for non-`.lua` extensions, and publicly available exploit code exists in the GHSA advisory.

Microsoft Information Disclosure Python
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8954 HIGH PATCH This Week

Incorrect boundary conditions, integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 151 and Firefox ESR 140.11.

Mozilla Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8912 HIGH This Week

SQL injection in the Contest Gallery WordPress plugin (versions through 28.1.6) allows unauthenticated remote attackers to extract sensitive database contents by abusing the 'form_input' parameter handled by the 'post_cg_gallery_form_upload' AJAX action. The endpoint is gated only by a public nonce that is exposed in the page source of any public gallery page, effectively offering no protection against external attackers. No public exploit identified at time of analysis, but the issue was disclosed by Wordfence and affects a publicly reachable PHP endpoint.

WordPress PHP SQLi
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-61081 HIGH This Week

In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break (EPB) and Supplemental Restoration System (SRS) related ECUs.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8947 HIGH PATCH This Week

Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, and Firefox ESR 140.11.

Information Disclosure Mozilla Memory Corruption Use After Free
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-45738 HIGH PATCH GHSA This Week

Stored XSS in Argo CD allows developer-role users to inject javascript: URIs via link.argocd.argoproj.io/* annotations, which render unvalidated in the Application Summary tab's URLs section. When an admin clicks the disguised link, arbitrary JavaScript executes in the ArgoCD same-origin context with the victim's session, enabling API exfiltration and developer-to-admin privilege escalation. No public exploit identified at time of analysis beyond the detailed vendor PoC, and the issue is not currently listed in CISA KEV.

Kubernetes XSS Privilege Escalation
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-51427 HIGH PATCH GHSA This Week

An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file (dey_mini.yaml) under the key ['nnet']['module'].

RCE Code Injection N A
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-39250 HIGH This Week

Authorization bypass in Innoshop 0.6.0 allows authenticated frontend users to directly invoke backend administrative interfaces, enabling privileged operations outside their intended scope. The CVSS 7.3 score reflects low-impact gains across confidentiality, integrity, and availability achievable without prior authentication to the admin panel. No public exploit identified at time of analysis, and EPSS estimates exploitation probability at just 0.02% (5th percentile), indicating minimal observed attacker interest so far.

Authentication Bypass
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-29226 HIGH PATCH This Week

Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz via Content component operations. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

Apache SSRF
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-22069 HIGH This Week

Local privilege escalation in OPPO's O+ Connect application stems from missing caller identity validation on a named pipe interface (CWE-266), allowing a low-privileged local user with user interaction to escalate to higher privileges with high availability impact and scope change. The CVSS 3.1 score is 7.3 and the issue was reported by OPPO itself; no public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Privilege Escalation O Connect
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-32323 HIGH PATCH This Week

Local privilege escalation in Mullvad VPN for macOS versions 2026.1 and earlier allows a user in the admin group to gain root code execution during installation or upgrade. The installer's preinstall script executes binaries from /Applications/Mullvad VPN.app without verifying the bundle's integrity, enabling an admin-group attacker to pre-stage a malicious app bundle that runs as root. No public exploit identified at time of analysis, and the flaw is only triggerable when an installer is run, not on already-installed systems.

Privilege Escalation Apple RCE
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-70950 HIGH GHSA This Week

An issue in gohttp commit 34ea51 allows attackers to execute a directory traversal via supplying a crafted request.

Path Traversal
NVD GitHub
CVSS 3.1
7.3
EPSS
0.1%
CVE-2026-8727 HIGH PATCH GHSA This Week

Remote code execution in the TYPO3 Crawler extension occurs when the X-T3Crawler-Meta response header from a crawled URL is passed unchecked to PHP's unserialize(), enabling arbitrary PHP object injection. Exploitation requires a high-privileged administrator to configure a crawler-enabled page and a Scheduler task pointing at an attacker-controlled endpoint, so while impact is full RCE on the TYPO3 host, it is gated by an unusual combination of admin access, user interaction, and externally reachable malicious URLs. No public exploit identified at time of analysis and no CISA KEV listing.

Deserialization PHP RCE
NVD
CVSS 4.0
7.1
EPSS
0.4%
CVE-2026-42100 HIGH This Week

Denial of service in Sparx Systems Pro Cloud Server 6.1 (build 167) and earlier allows authenticated remote attackers to crash the service by submitting a specially crafted SQL query that the server fails to parse safely. The flaw, reported by CERT-PL, results in unexpected termination of the Pro Cloud Server process, and no public exploit identified at time of analysis. The vendor did not respond to disclosure, so the full vulnerable version range remains unconfirmed.

Denial Of Service Pro Cloud Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-46393 HIGH PATCH GHSA This Week

Server-Side Request Forgery in HAXcms (versions <= 25.0.0 of @haxtheweb/haxcms-nodejs, with PoC against v11.0.6) allows authenticated low-privileged users to coerce the server into fetching arbitrary URLs or local file paths via the createSite endpoint's build.files parameter, with responses written to a web-accessible directory. This produces arbitrary file read, internal network reconnaissance, and cloud metadata credential theft. Publicly available exploit code exists in the GHSA advisory, though no CISA KEV listing is present.

PHP CSRF SSRF
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-32741 HIGH PATCH This Week

Heap buffer overflow in libheif versions 1.21.2 and below allows remote attackers to corrupt memory via a maliciously crafted HEIF file containing a mask image (mski) box. The flaw resides in MaskImageCodec::decode_mask_image(), where an attacker-controlled iloc extent length is memcpy'd into an undersized pixel buffer with no upper-bound validation, yielding heap corruption when a user opens the file. No public exploit identified at time of analysis, but the vulnerability is straightforward to trigger because the vulnerable branch is reachable under default library security limits.

Buffer Overflow Heap Overflow Libheif
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-32882 HIGH PATCH This Week

Heap buffer over-read in libheif versions 1.21.2 and prior allows remote attackers to crash applications or potentially leak adjacent heap memory by supplying a crafted HEIF/AVIF file with an overlay image (iovl) whose alpha channel bit depth differs from its color channels. The flaw in HeifPixelImage::overlay() uses the color channel stride to index into the alpha plane, reading up to 3,123 bytes beyond the alpha buffer for a 100×50 image with 10-bit color and 8-bit alpha. No public exploit identified at time of analysis, and the issue is fixed in version 1.22.0.

Information Disclosure Buffer Overflow Denial Of Service Libheif
NVD GitHub
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-7571 HIGH PATCH GHSA This Week

Implicit flow bypass in Red Hat Build of Keycloak allows a low-privileged authenticated user who already knows another user's credentials and a client ID to obtain OIDC access tokens from clients where the implicit flow was explicitly disabled. Beyond the unauthorized token issuance, the resulting tokens can be written to server logs, proxy logs, and HTTP Referer headers, broadening the disclosure surface. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Information Disclosure Red Hat Build Of Keycloak
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-46410 HIGH PATCH GHSA This Week

Information disclosure in FileBrowser Quantum (gtsteffaniak/filebrowser) allows unauthenticated users to view sensitive share information including source paths through the anonymous user account. The flaw stems from default user settings being applied to the anonymous user, exposing source and path data that should remain restricted. No public exploit identified at time of analysis, but a patched version (v1.4.1) has been released by the upstream maintainer.

Information Disclosure
NVD GitHub
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy