Skip to main content
CVE-2026-45648 HIGH PATCH NEWS This Week

Remote code execution in Microsoft Active Directory Domain Services allows an authenticated network attacker to trigger a stack-based buffer overflow (CWE-121) and execute arbitrary code on the targeted domain controller. With CVSS 8.8 (AV:N/AC:L/PR:L/UI:N) and high impact across confidentiality, integrity, and availability, successful exploitation could enable full domain compromise. There is no public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.

Stack Overflow Buffer Overflow
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11688 HIGH PATCH This Week

Sandboxed remote code execution in Google Chrome versions prior to 149.0.7827.103 allows a remote attacker to execute arbitrary code within the renderer sandbox by enticing a user to visit a crafted HTML page that abuses an inappropriate SVG implementation. Google rates the underlying Chromium issue as High severity, and no public exploit identified at time of analysis, though the user-interaction requirement (UI:R) and high CVSS of 8.8 make this a meaningful drive-by browsing risk once a patch is reverse-engineered.

Code Injection Google RCE Red Hat Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11662 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.103 allows a remote attacker to execute arbitrary code within the renderer sandbox by enticing a victim to visit a crafted HTML page. The flaw stems from a type confusion bug in Chromium's Bindings layer (CWE-843), rated High severity by Chromium and CVSS 8.8 due to network-based exploitation requiring only user interaction. No public exploit identified at time of analysis and EPSS data was not provided, but Chromium V8/bindings issues historically attract exploit development.

Google Memory Corruption RCE Red Hat Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11680 HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to 149.0.7827.103 allows attackers to run arbitrary code inside the renderer sandbox when a victim visits a crafted HTML page, triggering a use-after-free condition in the Media component. The flaw carries a CVSS 8.8 (High) rating and is tagged by Chromium as High severity. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV.

Google Memory Corruption RCE Use After Free Microsoft +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11674 HIGH PATCH This Week

Remote code execution in Google Chrome's Guest View component prior to version 149.0.7827.103 allows attackers to execute arbitrary code within the renderer sandbox by luring users to a crafted HTML page. The flaw is a use-after-free memory corruption issue rated High severity by Chromium with a CVSS of 8.8, and while no public exploit has been identified at time of analysis, Google has shipped a patched stable channel build. Exploitation requires user interaction (visiting a malicious page) and code execution is confined to the sandbox, meaning a sandbox escape would be needed for full host compromise.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11673 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.103 stems from a use-after-free flaw in the InterestGroups component, enabling a remote attacker to execute arbitrary code within the renderer sandbox via a crafted HTML page. The vulnerability carries a CVSS 8.8 (High) score and is rated High severity by Chromium, but no public exploit identified at time of analysis and SSVC indicates exploitation status of none. Attack requires user interaction (visiting a malicious page) but no authentication.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11670 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.103 stems from a use-after-free flaw in the PDF component, enabling a remote attacker who lures a user into opening a crafted PDF to execute arbitrary code within the renderer sandbox. Rated High by Chromium with CVSS 8.8, the issue requires user interaction but no authentication, and currently has no public exploit identified at time of analysis.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11657 HIGH PATCH This Week

Remote code execution in Google Chrome on macOS prior to version 149.0.7827.103 stems from a use-after-free flaw in the Payments component, allowing a remote attacker to run arbitrary code in the renderer process via a crafted HTML page. The issue carries a CVSS 8.8 (High) rating and was reported through Google's internal Chrome security process; no public exploit identified at time of analysis. Exploitation requires the victim to load attacker-controlled web content (UI:R), but no authentication or special privileges are needed.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11650 HIGH PATCH This Week

Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.103 allows a remote attacker to execute arbitrary code within the renderer sandbox by enticing a user to visit a crafted HTML page. The flaw is a use-after-free memory corruption issue rated High severity by Chromium and carries a CVSS 8.8 score; no public exploit identified at time of analysis, but V8 UAF bugs are historically high-value targets for exploit chains.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11649 HIGH PATCH This Week

Remote code execution in Google Chrome's V8 JavaScript engine prior to version 149.0.7827.103 allows attackers to execute arbitrary code within the renderer sandbox by luring a user to a crafted HTML page. The flaw is a use-after-free memory corruption issue rated High severity by Chromium, with a CVSS 8.8 score reflecting low attack complexity but requiring user interaction. No public exploit identified at time of analysis, though V8 use-after-frees historically attract rapid weaponization for browser exploit chains.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11646 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.103 stems from a use-after-free condition in the ViewTransitions component, allowing a remote attacker to execute arbitrary code within the browser's renderer sandbox by serving a crafted HTML page. Google rates the Chromium security severity as High and a vendor patch is available, though no public exploit has been identified at time of analysis and the flaw is not listed in CISA KEV.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11637 HIGH PATCH This Week

Remote code execution in Google Chrome on macOS prior to version 149.0.7827.103 stems from a use-after-free flaw in the Views UI component, enabling a remote attacker to run arbitrary code when a victim visits a crafted HTML page. Google rates the underlying Chromium severity as Critical, and a vendor patch is available; no public exploit identified at time of analysis. The CVSS 8.8 score reflects network-reachable exploitation with low complexity but requiring user interaction (visiting the malicious page).

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11633 HIGH PATCH This Week

Remote code execution in Google Chrome on macOS prior to 149.0.7827.103 stems from a use-after-free condition in the browser's Bluetooth subsystem, rated Critical by Chromium's internal severity scale and CVSS 8.8 by NVD. A remote attacker operating a malicious Bluetooth peripheral can trigger memory corruption to execute arbitrary code in the browser process after the victim performs minimal interaction. No public exploit identified at time of analysis, though Google has released a patched Stable channel build addressing the flaw.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-45643 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Word arises from an untrusted pointer dereference (CWE-822) that can be triggered when a victim opens a crafted document. Successful exploitation grants the attacker the privileges of the current user with high impact to confidentiality, integrity, and availability, though no public exploit identified at time of analysis. The CVSS 3.1 base score of 7.8 reflects the requirement for user interaction but no prior authentication.

Authentication Bypass Microsoft 365 Apps Microsoft 365 Office 2021 +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-45486 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Word is possible when a user opens a maliciously crafted document that triggers an untrusted pointer dereference (CWE-416 use-after-free). The flaw lets an unauthorized attacker execute arbitrary code in the context of the current user, and no public exploit identified at time of analysis. Risk hinges on user interaction (UI:R), making phishing-style document delivery the realistic attack pathway.

Microsoft Authentication Bypass Use After Free Memory Corruption 365 Apps +3
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-45475 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office is possible through a heap-based buffer overflow (CWE-122) that an unauthenticated attacker can trigger when a user opens a crafted document. The CVSS 3.1 base score of 7.8 reflects high impact to confidentiality, integrity, and availability, with required user interaction limiting mass exploitation. There is no public exploit identified at time of analysis and the issue is not currently listed on the CISA KEV catalog.

Heap Overflow Microsoft Buffer Overflow 365 Apps Microsoft 365 +5
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-45471 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Word enables an attacker to run arbitrary code in the context of the current user by tricking them into opening a malicious document that triggers an untrusted pointer dereference. With a CVSS 7.8 score and no public exploit identified at time of analysis, the flaw is exploited locally but unauthenticated, relying on user interaction to open a crafted file. Microsoft has issued an advisory via the MSRC Security Update Guide.

Authentication Bypass Microsoft 365 Apps Microsoft 365 Office 2019 +4
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-45457 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office Word is possible through an untrusted pointer dereference (CWE-125 out-of-bounds read) that an attacker can trigger by convincing a user to open a malicious document. The CVSS 7.8 vector (AV:L/AC:L/PR:N/UI:R) reflects high impact to confidentiality, integrity, and availability once the booby-trapped file is opened, though no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Information Disclosure Microsoft Buffer Overflow 365 Apps Microsoft 365 +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44824 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office is possible through a heap-based buffer overflow (CWE-122) that triggers when a user opens or previews a maliciously crafted document. The CVSS 7.8 score reflects local attack vector with required user interaction, and no public exploit identified at time of analysis. Successful exploitation yields full confidentiality, integrity, and availability impact in the context of the current user.

Heap Overflow Microsoft Buffer Overflow 365 Apps Microsoft 365 +5
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-44819 HIGH PATCH Exploit Unlikely This Week

Local code execution in Microsoft Office is possible when a user opens a maliciously crafted document that triggers a heap-based buffer overflow (CWE-122), allowing the attacker to run arbitrary code in the context of the opened Office process. The CVSS 7.8 (AV:L/AC:L/PR:N/UI:R) reflects a user-interaction-driven local exploit rather than a remote network attack, and no public exploit identified at time of analysis. The flaw was reported through Microsoft Security Response Center (secure@microsoft.com) and is tracked in MSRC's update guide.

Heap Overflow Microsoft Buffer Overflow 365 Apps Microsoft 365 +5
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-47653 HIGH PATCH This Week

Remote code execution in Microsoft Remote Desktop Client occurs when a user connects to an attacker-controlled RDP server, allowing the server to corrupt heap memory and execute arbitrary code on the client endpoint. The flaw carries a CVSS 8.8 (High) rating reflecting network reach with required user interaction, and no public exploit is identified at time of analysis. The attack pivots the traditional RDP threat model - attackers compromise clients that initiate outbound connections rather than exposed servers.

Use After Free Memory Corruption Buffer Overflow Windows 10 1607 Windows 10 1809 +11
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-47289 HIGH PATCH NEWS Exploit Unlikely This Week

Heap-based buffer overflow in Microsoft Remote Desktop Client enables remote code execution when a user connects to a malicious RDP server, with the attacker gaining the same privileges as the connecting user. The CVSS 8.8 score reflects network-reachable exploitation requiring only minimal user interaction (initiating an RDP session), and no public exploit has been identified at time of analysis. The flaw is reported by Microsoft Security Response Center (secure@microsoft.com) and is categorized as CWE-122 heap-based buffer overflow.

Heap Overflow Buffer Overflow Windows App Windows 10 1607 Windows 10 1809 +11
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-42985 HIGH PATCH NEWS Exploit Likely This Week

Remote code execution in Microsoft Remote Desktop Client is possible when a victim connects to an attacker-controlled or compromised RDP server, triggering a heap-based buffer overflow that runs attacker code in the client's context. The flaw (CWE-416 use-after-free / heap corruption) carries CVSS 8.8 and requires user interaction, with no public exploit identified at time of analysis. A vendor patch is available via Microsoft MSRC.

Use After Free Memory Corruption Buffer Overflow Remote Desktop Client Windows App +13
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11683 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.103 allows attackers to execute arbitrary code within the browser sandbox by luring users to a malicious HTML page that triggers a use-after-free in the WebCodecs component. Chromium rates this as High severity with a CVSS score of 8.8, and while a vendor patch is available, no public exploit has been identified at time of analysis. Exploitation requires user interaction (visiting a crafted page), which moderates real-world risk somewhat but still places this in the high-priority browser-patching tier.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11699 HIGH PATCH This Week

Heap corruption in Google Chrome on macOS prior to version 149.0.7827.103 can be triggered remotely through a crafted HTML page that exploits a use-after-free condition in the browser's Bluetooth component. Successful exploitation requires the victim to visit attacker-controlled content but no authentication, and Google has rated the underlying Chromium severity as High with no public exploit identified at time of analysis.

Denial Of Service Use After Free Memory Corruption Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11698 HIGH PATCH This Week

Heap corruption in Google Chrome on macOS prior to version 149.0.7827.103 allows remote attackers to potentially execute arbitrary code by luring a victim to a crafted HTML page that triggers a use-after-free in the browser's Bluetooth component. Google has released a patched stable channel update, and while no public exploit has been identified at time of analysis, the CVSS 8.8 score reflects the high impact achievable with only a single user click. CISA SSVC currently scores exploitation as 'none' but technical impact as 'total', consistent with a serious but not yet weaponized browser flaw.

Denial Of Service Use After Free Memory Corruption Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11687 HIGH PATCH This Week

Heap corruption in Google Chrome on macOS prior to 149.0.7827.103 enables remote attackers to potentially execute arbitrary code by luring a user to a crafted HTML page that exploits a use-after-free in the Dawn WebGPU implementation. The flaw carries a CVSS 8.8 (High) rating and Chromium rates it High severity; no public exploit has been identified at time of analysis, but Chrome browser bugs of this class are historically attractive targets for in-the-wild exploitation. Patch is available from Google.

Denial Of Service Use After Free Memory Corruption Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11681 HIGH PATCH This Week

Heap corruption in Google Chrome's Ozone component on Linux before version 149.0.7827.103 allows remote attackers to potentially achieve arbitrary code execution within the browser process when a victim visits a crafted HTML page. The flaw is a use-after-free rated High severity by Chromium, with CVSS 8.8 reflecting network-reachable exploitation requiring only minimal user interaction. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Denial Of Service Use After Free Memory Corruption Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11664 HIGH PATCH This Week

Heap corruption in Google Chrome's Payments component before 149.0.7827.103 allows remote attackers to exploit a use-after-free condition by enticing a victim to visit a crafted HTML page, potentially achieving arbitrary code execution within the renderer sandbox. Chromium rates the severity as High, and CVSS 8.8 reflects network-reachable exploitation with low complexity, though successful exploitation requires user interaction (visiting an attacker-controlled page). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Denial Of Service Use After Free Memory Corruption Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11648 HIGH PATCH This Week

Heap corruption via use-after-free in Google Chrome's FullScreen component on Windows prior to 149.0.7827.103 enables remote attackers to potentially achieve code execution when a victim visits a malicious HTML page. Chromium rates this High severity and a vendor patch is available, though no public exploit has been identified at time of analysis. The CVSS 8.8 score reflects the network-reachable, low-complexity nature of the bug, tempered by required user interaction (UI:R).

Google Memory Corruption Use After Free Microsoft Denial Of Service +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11630 HIGH PATCH This Week

Heap corruption in Google Chrome's File Input component before version 149.0.7827.103 allows a remote attacker to exploit a use-after-free condition by luring a user to a crafted HTML page, with Chromium rating the issue Critical. No public exploit identified at time of analysis, but the high CVSS 8.8 score and browser attack surface make this a priority patch for desktop fleets.

Denial Of Service Use After Free Memory Corruption Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-11629 HIGH PATCH This Week

Heap corruption in Google Chrome's Ozone display server component prior to version 149.0.7827.103 allows remote attackers to exploit a use-after-free condition through a malicious web page, with Chromium rating this as Critical severity. Successful exploitation requires the victim to visit attacker-controlled HTML content, but yields high impact on confidentiality, integrity, and availability in the renderer process. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Denial Of Service Use After Free Memory Corruption Google Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-45490 HIGH PATCH Exploit Unlikely This Week

Local privilege escalation in Microsoft .NET allows an authenticated low-privileged user to elevate to higher privileges through an improper authorization flaw (CWE-285). The vulnerability carries a CVSS 7.8 (High) rating with local attack vector and low complexity, and no public exploit identified at time of analysis. Tagged as an Authentication Bypass, it requires an existing foothold on the host but no user interaction once that foothold is established.

Authentication Bypass Net
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-46317 HIGH PATCH This Week

Use-after-free in the Linux kernel KVM subsystem on arm64 allows a local attacker with the ability to manipulate nested virtualization state to dereference a freed nested_mmus array, with potential scope-crossing impact from guest to host kernel memory. Triggered by a race between kvm_vcpu_init_nested() reallocating the array under config_lock and MMU notifier walkers (kvm_unmap_gfn_range) traversing it under mmu_lock. EPSS is 0.02% and no public exploit identified at time of analysis; not listed in CISA KEV.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-5068 HIGH This Week

Out-of-bounds heap write in the Zephyr RTOS Bluetooth host allows a remote, unauthenticated BLE peer within radio range to corrupt memory during L2CAP LE Connection-oriented Channel (CoC) SDU reassembly. The flaw affects builds where the application enables SDU segmentation via chan_ops.alloc_buf and selects an RX net_buf pool whose user_data_size is smaller than 2 bytes, causing the reassembly segmentation counter in l2cap_chan_le_recv_seg() to be written past the allocated user_data region. There is no public exploit identified at time of analysis and EPSS probability is negligible (0.01%), so realistic impact is a triggered fatal error / heap corruption rather than demonstrated code execution.

Memory Corruption Buffer Overflow Zephyr
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-40371 HIGH PATCH Exploit Unlikely This Week

Privilege escalation in Microsoft Dynamics 365 (on-premises) allows a remote authenticated attacker with low-level access to gain elevated privileges across the network due to improper handling of insufficient permissions. With a CVSS score of 8.8 and full impact on confidentiality, integrity, and availability, this issue is significant for organizations running on-premises Dynamics 365 deployments. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Information Disclosure Microsoft
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8365 HIGH This Week

Authenticated PHP Object Injection in the Blocksy WordPress theme (versions ≤ 2.1.35) allows contributor-level users to escalate to remote code execution by storing a malicious serialized object in post meta that is later deserialized during the V200 database migration. Wordfence-reported flaw chains weak input sanitization in blocksy_sanitize_post_meta_options() with an unconditional @unserialize() call in SearchReplacer::run_recursively(), triggering RaiiPattern::__destruct() to invoke arbitrary callables via call_user_func(). No public exploit identified at time of analysis, but the low-privilege requirement and high impact make this a meaningful priority for sites running upgraded Blocksy installations.

PHP Deserialization WordPress RCE
NVD VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-11616 HIGH This Week

Privilege escalation in the Events Calendar for GeoDirectory WordPress plugin (versions up to and including 2.3.28) allows authenticated Subscriber-level users to elevate to Administrator by abusing the ajax_ayi_action() AJAX handler, which writes attacker-controlled POST parameters directly into the wp_capabilities user meta key. The flaw stems from insufficient input filtering (strip_tags/esc_sql with no allow-list) on the type and postid fields before they reach update_user_meta(), enabling an attacker to set their own role to administrator. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Privilege Escalation WordPress
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-49959 HIGH PATCH This Week

Remote code execution in Hermes WebUI versions prior to 0.51.311 allows authenticated attackers to run arbitrary host commands by planting malicious Git configuration in a workspace repository's .git/config file. The Python backend in api/workspace_git.py invokes Git subprocesses (status, fetch) without hardening, so repo-local directives like core.fsmonitor, protocol.ext.allow, credential.helper, core.askPass, core.gitProxy, or inherited GIT_SSH_COMMAND turn read-only operations into command execution. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the vendor advisory and a VulnCheck disclosure (assigned via disclosure@vulncheck.com) confirm the bug and the corresponding fix.

RCE Command Injection
NVD GitHub
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-46746 HIGH CISA This Week

Authenticated command injection in Siemens SINEC INS versions prior to V1.0 SP2 Update 6 allows remote attackers to execute arbitrary OS commands as the sinecins service account by submitting crafted directory names to the /api/sftp/uploadFiles endpoint. The injected payloads are stored and triggered later when directory listings are retrieved, producing a stored/second-order command injection. No public exploit identified at time of analysis, but the CVSS 4.0 base score of 8.7 reflects high impact across confidentiality, integrity, and availability of the underlying host.

Command Injection Sinec Ins
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-26236 HIGH PATCH This Week

Unauthorized data access and action execution in QNAP QuMagie versions prior to 2.9.0 allows remote attackers to bypass authorization checks over the network without authentication. The CVSS 4.0 score of 8.7 reflects high confidentiality impact with low attack complexity and no privileges required, though no public exploit identified at time of analysis and KEV listing is absent.

Authentication Bypass Qumagie
NVD VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-71319 HIGH PATCH GHSA This Week

Denial of service in the npm image-size library (versions 1.1.0-1.2.0 and 2.0.0-2.0.1) lets remote unauthenticated attackers hang any application that parses untrusted JXL, HEIF, or JP2 images. By supplying a crafted file whose ISO-BMFF-style box declares a size of zero, the findBox routine never advances its offset and enters an infinite loop during validation. No public exploit identified at time of analysis, though the vendor advisory includes payload details that make weaponization straightforward.

Denial Of Service Image Size
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-44083 HIGH PATCH This Week

Authorization bypass in QNAP QuMagie versions prior to 2.9.1 allows remote unauthenticated attackers to manipulate user-controlled keys (IDOR-class flaw) and gain unintended privileges on the photo management application. The QNAP-issued advisory QSA-26-35 confirms the issue and ships a fix in 2.9.1; no public exploit identified at time of analysis, and the flaw is not currently listed in CISA KEV.

Authentication Bypass Qumagie
NVD VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-44634 HIGH This Week

Stack-based buffer overflows in SimpleBLE prior to version 0.14.0 allow remote attackers within Bluetooth range to crash applications by transmitting crafted BLE advertisements containing oversized manufacturer-specific data or service data, requiring no pairing or connection. A separate local overflow exists in the dongl backend's Protocol::simpleble_write function via caller-controlled input. No public exploit identified at time of analysis, but the patch diff and acknowledgement to researcher Mr-IoT confirm three tracked issues (EVE-2026-001/002/003).

Stack Overflow Buffer Overflow Simpleble
NVD GitHub
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-46748 HIGH CISA This Week

Local privilege escalation in Siemens SINEC INS (versions prior to V1.0 SP2 Update 6) stems from a binary shipped with the Linux cap_dac_override capability, which bypasses filesystem discretionary access control checks. An authenticated local attacker can leverage this overly broad capability to read or modify any file on the system, ultimately obtaining root. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Privilege Escalation Sinec Ins
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-6445 HIGH This Week

Information disclosure in Pure Storage FlashArray Purity (versions 6.5.0-6.5.8 and 6.10.0-6.10.5) allows an authenticated low-privileged user to retrieve sensitive data via insufficiently filtered data paths. The flaw carries a CVSS 4.0 score of 8.7 with high confidentiality, integrity, and availability impact, but SSVC indicates no public exploitation and the attack is not automatable. No public exploit has been identified at the time of analysis.

Information Disclosure Flasharray
NVD
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-46518 HIGH This Week

Stored cross-site scripting in OpenEMR before 8.0.0.1 lets an authenticated patient portal user inject HTML/JavaScript into demographic fields via the PUT api/patient/:num endpoint, which fires later in a clinician's authenticated session when the prescription CSS/HTML multi-print feature renders the patient name and address without output encoding. Because the payload executes inside the main OpenEMR UI under the clinician's session, the attacker crosses the patient-to-clinician trust boundary and can steal CSRF tokens, exfiltrate session data, and perform privileged actions as the clinician. SSVC currently rates exploitation as POC, no public exploit identified at time of analysis, and EPSS is 0.03% (9th percentile), but the cross-tenant trust crossing in a healthcare app makes the issue material for any internet-exposed deployment.

CSRF XSS Openemr
NVD GitHub VulDB
CVSS 3.1
8.7
EPSS
0.0%
CVE-2026-9740 HIGH PATCH This Week

Remote unauthenticated denial-of-service in MongoDB Server's BSON validation layer allows attackers to crash the mongod process by sending a crafted message containing nested binary structures that trigger uncontrolled mutual recursion. The CVSS 4.0 score of 8.7 reflects high availability impact with network attack vector and no authentication required. No public exploit identified at time of analysis, but the low-complexity, no-auth profile makes this a priority patch for internet-reachable MongoDB deployments.

Denial Of Service Mongodb Server
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-49741 HIGH PATCH GHSA This Week

SQL injection and privilege escalation in TYPO3 CMS 14.0.0 through 14.3.3 allow authenticated backend users holding write permissions on the form_definition table to bypass the Form Framework's persistence validation by submitting form configurations directly through DataHandler. Successful exploitation re-opens the attack class originally fixed in TYPO3-CORE-SA-2018-003, enabling injection of arbitrary form configurations that yield SQLi and elevation of privileges. No public exploit identified at time of analysis; not listed in CISA KEV.

Privilege Escalation SQLi
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-50636 HIGH PATCH This Week

SQL injection in LimeSurvey's RemoteControl API (invite_participants and remind_participants methods) allows an authenticated attacker with tokens/update permission on a survey to execute arbitrary stacked SQL queries against the application database. Because PDO emulated prepared statements are enabled and MySQL multi-statements are not disabled, attackers can read administrator bcrypt hashes via time-based blind techniques or directly overwrite credentials for instant account takeover. No public exploit identified at time of analysis; the upstream fix is published as LimeSurvey PR #5031, which replaces unsafe string concatenation with parameterized addInCondition().

Oracle SQLi
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.1%
Prev Page 3 of 16 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy