Skip to main content
CVE-2026-52904 MEDIUM PATCH This Month

Memory leak in the Linux kernel's drm/nouveau subsystem exposes systems with NVIDIA GPUs using the open-source nouveau driver to local denial of service. When aperture_remove_conflicting_pci_devices() fails during PCI device probe, the error path bypasses the fail_nvkm cleanup label, permanently leaking both the nvkm_device wrapper and the pci_enable_device() reference taken inside nvkm_device_pci_new(). No public exploit exists and EPSS sits at the 5th percentile (0.02%), confirming negligible exploitation probability; however, patched stable releases are available across multiple kernel branches.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-46329 MEDIUM PATCH This Month

Improper end-of-filesystem boundary handling in the Linux kernel EROFS driver for file-backed mounts causes a denial-of-service condition when I/O requests exceed the filesystem image boundary. Affected kernels spanning multiple stable branches fail to zero-fill out-of-bounds I/O regions as expected (analogous to loopback device behavior), producing undefined kernel behavior that results in availability loss. No public exploit has been identified and EPSS is 0.02% (5th percentile), indicating negligible opportunistic exploitation probability; patches are confirmed available across stable branches 6.12.x, 6.18.x, 6.19.x, and 7.0.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-46318 MEDIUM PATCH This Month

Lock resource leak in Linux kernel hugetlbfs subsystem enables local denial of service against systems using huge page memory mappings. Introduced by a faulty commit (ea52cb24cd3f) that incorrectly handled VMA lock allocation during the mmap_prepare stage, the defect allows a failed post-mmap_prepare allocation to leave a VMA lock unreleased, leaking kernel resources. This CVE documents the corrective revert; systems running affected kernel versions (around 6.19 through pre-7.0.12 and pre-7.1-rc6) with hugetlbfs in use are exposed to potential availability impact. No public exploit code exists and EPSS probability is 0.02% (5th percentile), indicating very low real-world exploitation activity.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-46315 MEDIUM PATCH This Month

Stale kernel memory disclosure in the Linux kernel's io_uring IORING_OP_WAITID operation allows a local low-privileged user to read arbitrary bytes from reused io_kiocb command storage via the userspace siginfo output buffer. The io_uring prep path for waitid requests fails to zero-initialize the io_waitid::info result field, meaning that when a wait completes without a child event the kernel copies whatever bytes happen to occupy that slab slot into the caller's siginfo_t. No public exploit has been identified at time of analysis; EPSS at 0.02% (5th percentile) reflects low current exploitation probability.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-55651 MEDIUM This Month

NULL pointer dereference in GPAC MP4Box v2.4 crashes the application when parsing a maliciously crafted MP4 file, enabling a Denial of Service against any user or pipeline that processes untrusted media with this tool. The flaw resides in gf_isom_get_user_data_count within isomedia/isom_read.c, where an unvalidated pointer is dereferenced during user-data atom counting. Publicly available exploit code exists as a crafted MP4 PoC, though no public exploit identified at time of analysis in CISA KEV and EPSS sits at the 5th percentile, suggesting minimal observed exploitation activity.

Denial Of Service Null Pointer Dereference N A
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-52905 MEDIUM PATCH This Month

Denial-of-service in the Linux kernel's DAMON (Data Access MONitor) subsystem allows a local low-privileged user to crash the kernel by supplying a non-power-of-two `min_region_sz` value through the DAMON sysfs interface and invoking `damon_start()`. The flaw is an incomplete remediation: commit c80f46ac228b fixed the same class of bug for the `damon_commit_ctx()` code path but left `damon_start()` - reachable via DAMON sysfs - without the `is_power_of_2()` guard. No public exploit exists and EPSS sits at 0.02% (4th percentile), indicating negligible real-world exploitation probability; no CISA KEV listing has been issued.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-34704 MEDIUM This Month

NULL Pointer Dereference in Adobe InDesign Desktop versions 21.3 and 20.5.3 and earlier allows a local attacker to crash the application by delivering a crafted document file that a victim must open, resulting in a denial-of-service condition with no confidentiality or integrity impact. Exploitation is constrained by mandatory user interaction (UI:R) and a local attack vector (AV:L), significantly limiting real-world risk beyond targeted social-engineering scenarios involving design professionals. No public exploit code has been identified and CISA has not added this to the Known Exploited Vulnerabilities catalog.

Denial Of Service Null Pointer Dereference Indesign Desktop
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-34703 MEDIUM This Month

NULL Pointer Dereference in Adobe InDesign Desktop versions 21.3, 20.5.3 and earlier enables a denial-of-service condition by crashing the application when a victim opens a specially crafted malicious file. The vulnerability carries no confidentiality or integrity impact - availability is the sole affected component. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog, limiting its urgency relative to higher-severity Adobe vulnerabilities.

Denial Of Service Null Pointer Dereference Indesign Desktop
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-34705 MEDIUM This Month

Out-of-bounds read in Adobe InDesign Desktop versions 21.3 and 20.5.3 (and earlier) exposes sensitive process memory when a victim opens a specially crafted document file. The vulnerability carries a high confidentiality impact (CVSS C:H) with no integrity or availability impact, making it a targeted information-disclosure primitive - useful for memory leak-assisted exploitation chains or direct leakage of in-memory content such as document data, credentials, or heap pointers. No public exploit code has been identified and this CVE does not appear in CISA KEV at time of analysis, but its social-engineering-friendly delivery mechanism (malicious file open) makes it a realistic phishing vector against creative industry targets who routinely handle external InDesign files.

Information Disclosure Buffer Overflow Indesign Desktop
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-41980 MEDIUM This Month

Insufficient permission enforcement in the HarmonyOS file preview module allows a local, unprivileged attacker to access sensitive file contents without authorization. Affecting Huawei HarmonyOS (all versions per CPE wildcard), the flaw is classified as CWE-200 and carries a CVSS 5.5 Medium score, with high confidentiality impact but no integrity or availability exposure. No public exploit identified at time of analysis, and Huawei disclosed this vulnerability via its June 2026 security bulletin.

Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-41979 MEDIUM This Month

Permission control failure in the HarmonyOS print module allows a local attacker - without requiring elevated privileges - to compromise system integrity through user-triggered interaction. The vulnerability resides in Huawei's HarmonyOS, disclosed via the June 2026 Huawei Security Bulletin, and carries a CVSS 5.5 (Medium) rating. No public exploit code has been identified at time of analysis, and it does not appear in the CISA KEV catalog, though the high integrity impact warrants attention in enterprise HarmonyOS deployments.

Information Disclosure
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-11620 MEDIUM This Month

Incorrect privilege assignment in the vsftpd service of TOTOLINK EX200 firmware 4.0.3c.7646 (B20201211) permits remote unauthenticated attackers to perform unauthorized write operations against the device over the network. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms exploitation requires no authentication, no user interaction, and no special attack preconditions, making this broadly reachable. Publicly available exploit code exists (E:P per CVSS supplemental metrics and confirmed in description); no active exploitation via CISA KEV has been identified at time of analysis.

Information Disclosure
NVD VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-11701 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Guest View component prior to 149.0.7827.103 enables a remote unauthenticated attacker to deceive users about page content or origin by delivering a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R) confirms exploitation requires no privileges and no special network position, but does require the victim to visit a malicious page. With an EPSS score of 0.05% at the 15th percentile and no CISA KEV listing, real-world exploitation is currently assessed as low probability, though the zero-friction delivery mechanism (a link) keeps the attack surface broad.

Information Disclosure Google Red Hat Suse
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-11666 MEDIUM PATCH This Month

UI spoofing in Google Chrome prior to 149.0.7827.103 enables remote unauthenticated attackers to deceive users into interacting with falsified browser interface elements via a crafted HTML page. The vulnerability exploits insufficient input validation in Chrome's Input component (CWE-20), carrying a moderate CVSS 5.4 with confirmed low confidentiality impact and an Information Disclosure tag suggesting data exposure risk through spoofed UI surfaces such as fake dialogs or address bar manipulation. EPSS probability is very low at 0.05% (15th percentile), no public exploit has been identified, and no CISA KEV listing exists at time of analysis.

Information Disclosure Google Red Hat Suse
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47933 MEDIUM This Month

Stored XSS in Adobe ColdFusion (2023.x through 2023.19 and 2025.x through 2025.8) enables a low-privileged attacker on an adjacent network to inject persistent malicious JavaScript into vulnerable form fields. When a victim user browses to the page containing the stored payload, the script executes in their browser context, with scope change indicating impact can extend beyond the immediate ColdFusion application - such as session hijacking or unauthorized browser-side actions. No public exploit code or CISA KEV listing has been identified at time of analysis; EPSS data was not provided in source intelligence.

XSS Coldfusion
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48304 MEDIUM This Month

Stored XSS in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier allows a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields. When any user - including higher-privileged administrators - browses a page containing the injected field, the script executes in their browser under the AEM origin, with scope change (S:C per CVSS) enabling impact beyond the authoring component itself. No public exploit code or active exploitation has been identified at time of analysis; however, the persistent nature of the injection and AEM's typical enterprise deployment profile (admin, author, and reviewer roles sharing the same domain) elevate practical risk above what the medium CVSS score alone suggests.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48301 MEDIUM This Month

Stored XSS in Adobe Experience Manager (AEM) versions up to 2026.04 allows a low-privileged authenticated attacker to persist malicious JavaScript in vulnerable form fields, which executes in any victim's browser upon visiting the affected page. The CVSS S:C (Scope Changed) flag elevates the practical risk: a low-privileged content author could target administrators browsing the same AEM instance, enabling session hijacking or privilege escalation beyond the raw 5.4 Medium score implies. No public exploit identified at time of analysis; Adobe has published advisory APSB26-56 addressing the issue.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48300 MEDIUM This Month

Stored XSS in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier enables a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields. When a victim - potentially a higher-privileged user such as an administrator - browses to the affected page, the injected script executes in their browser context, enabling session token theft, credential harvesting, or actions performed on the victim's behalf. No public exploit code has been identified and this CVE is not listed in the CISA KEV catalog at time of analysis; however, the CVSS S:C (Scope Changed) designation signals that the real-world impact exceeds what the raw 5.4 Medium score implies, particularly in environments where low-privileged contributors can submit content reviewed by administrators.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48299 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (AEM) versions up to and including 6.5.24, LTS SP1, and 2026.04 enables a low-privileged authenticated attacker to persist malicious JavaScript into vulnerable form fields. The injected script executes in the browser of any victim who subsequently visits the affected page, with a changed scope designation (S:C) indicating the impact crosses security boundaries beyond the directly vulnerable component. No public exploit code or CISA KEV listing has been identified at time of analysis, but the combination of low privilege requirements and changed scope makes this a meaningful risk in multi-tenant or large-organization AEM deployments where content authoring access is broadly distributed.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48297 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager versions 6.5.24, LTS SP1, and 2026.04 and earlier enables an authenticated low-privileged attacker - such as a content editor - to persist malicious JavaScript payloads into vulnerable form fields. The injected script executes in the browser of any victim who subsequently browses to the affected page, with scope change (S:C) indicating the attack crosses from the author context into the victim's browser security context. No public exploit code has been identified and this vulnerability is not listed in CISA KEV at time of analysis.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48280 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (AEM) versions up to and including 6.5.24, LTS SP1, and 2026.04 allows a low-privileged authenticated attacker to execute arbitrary JavaScript in a victim's browser by manipulating the DOM environment through a crafted webpage. The CVSS scope change (S:C) indicates impact can extend beyond the vulnerable AEM component itself - for instance, to other browser-accessible resources or session contexts. No public exploit code or CISA KEV listing has been identified at time of analysis; exploitation requires deliberate social engineering to induce user interaction.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48271 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier allows a low-privileged authenticated attacker to inject and execute malicious JavaScript within a victim's browser by manipulating the client-side DOM environment. The CVSS scope change (S:C) is the critical risk amplifier here: injected script executes outside the originating component's security boundary, potentially enabling session hijacking, credential theft, or privilege escalation against higher-privileged AEM users such as administrators. This CVE is not listed in the CISA KEV catalog and no public exploit code has been identified at time of analysis.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48268 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier allows a low-privileged, authenticated attacker to execute malicious JavaScript within a victim's browser by manipulating the DOM environment of a crafted webpage. The CVSS Scope:Changed indicator confirms this vulnerability crosses the security boundary from the AEM application into the victim's browser context, enabling session hijacking, credential theft, or unauthorized actions on behalf of the victim. No public exploit code or CISA KEV listing has been identified at time of analysis; however, Adobe has published advisory APSB26-56 acknowledging the issue.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48266 MEDIUM This Month

DOM-based XSS in Adobe Experience Manager (AEM) versions up to 6.5.24, LTS SP1, and 2026.04 allows an authenticated low-privileged attacker to inject malicious JavaScript that executes entirely within the victim's browser via client-side DOM manipulation. The changed scope (S:C) in the CVSS vector means successful exploitation can reach session tokens, cookies, or resources beyond the directly vulnerable AEM component - a meaningful risk amplifier in enterprise content authoring environments. Exploitation requires user interaction (UI:R), meaning the attacker must social-engineer a victim into visiting a crafted webpage. No public exploit identified at time of analysis, and CISA KEV listing has not been confirmed.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48265 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (AEM) versions up to and including 6.5.24, LTS SP1, and 2026.04 allows a low-privileged authenticated attacker to execute arbitrary JavaScript in a victim's browser by inducing them to visit a crafted webpage. The changed scope (S:C in the CVSS vector) indicates the injected script escapes the AEM application boundary and executes in the victim's browser context, enabling session hijacking, credential harvesting, or further client-side attacks. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48264 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (versions 6.5.24, LTS SP1, and 2026.04 and earlier) allows a low-privileged authenticated attacker to inject and execute malicious JavaScript in a victim's browser by manipulating client-side DOM sinks. The CVSS scope-changed flag (S:C) indicates the injected script can operate beyond the vulnerable component's security context, enabling session theft, credential harvesting, or unauthorized administrative actions against higher-privileged users within the same AEM instance. No public exploit code has been identified and no CISA KEV listing exists at time of analysis, but the cross-privilege escalation potential in shared AEM deployments warrants prompt patching.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48258 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (versions up to and including 6.5.24, LTS SP1, and 2026.04) enables an authenticated attacker to inject and execute arbitrary JavaScript in a victim's browser by manipulating the DOM environment with attacker-controlled input. The CVSS Scope:Changed designation indicates the injected script can affect resources beyond the AEM application boundary - including session tokens and cross-origin interactions - elevating the practical impact beyond a simple content injection. No public exploit identified at time of analysis and no CISA KEV listing; Adobe has released advisory APSB26-56 addressing this issue.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48256 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier allows an authenticated attacker with low privileges to execute arbitrary JavaScript in a victim's browser by manipulating the DOM environment through a crafted webpage. The CVSS vector confirms scope change (S:C), meaning the injected script can affect browser contexts beyond the vulnerable AEM page itself - enabling session hijacking, credential theft, or unauthorized actions performed as the victim. No public exploit code or active exploitation has been identified at time of analysis, and exploitation requires user interaction, limiting opportunistic mass exploitation.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48251 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, 2026.04 and earlier allows an authenticated low-privileged attacker to inject and execute malicious JavaScript within a victim's browser by manipulating client-side DOM processing. The CVSS scope change (S:C) indicates the exploit can break out of the originating page's security context, enabling session hijacking or cross-origin actions against higher-privileged users. No public exploit identified at time of analysis, and this CVE is not currently listed in the CISA KEV catalog.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-48250 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier allows a low-privileged authenticated attacker to execute arbitrary JavaScript within a victim's browser by manipulating the client-side DOM environment. The CVSS scope change (S:C) is a notable signal - injected script executes outside the attacker's own security context, enabling session hijacking or privilege escalation against higher-privileged users such as AEM administrators. No active exploitation has been confirmed (not in CISA KEV) and no public exploit code has been identified at time of analysis.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47993 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (versions 6.5.24, LTS SP1, and 2026.04 and earlier) allows an authenticated low-privilege attacker to inject and execute malicious JavaScript in a victim's browser by luring them to a crafted webpage. The CVSS Scope:Changed designation (S:C) confirms the injected script can affect browser contexts beyond the vulnerable page itself, elevating potential impact beyond the C:L/I:L ratings alone suggest. No public exploit identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47990 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier allows a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields. When any user browses to a page containing the poisoned field, the script executes in their browser context. The CVSS scope change (S:C) signals that exploitation crosses a security boundary - a content-authoring account can target higher-privileged administrative sessions - amplifying the effective impact beyond the medium CVSS score of 5.4. No public exploit or CISA KEV listing has been identified at time of analysis.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47986 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (versions 6.5.24, LTS SP1, 2026.04 and earlier) enables an authenticated attacker to inject malicious JavaScript into a victim's browser by manipulating the client-side DOM environment. The CVSS scope change (S:C) confirms the injected script can affect browser context beyond the AEM application boundary - a hallmark of XSS elevation into session hijacking or admin pivot. Exploitation requires low-privilege authenticated access and user interaction; no public exploit identified at time of analysis and this vulnerability is not listed in CISA KEV.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47978 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier enables a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields. When any user browses to the affected page, the script executes in their browser under a changed scope (S:C), meaning the injected payload escapes the attacker's own session context and impacts other users - enabling session hijacking, credential harvesting, or unauthorized AEM actions on their behalf. No public exploit code or CISA KEV listing has been identified at time of analysis.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47974 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager allows a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields, which subsequently executes in any victim's browser upon visiting the affected page. Affected versions include AEM 6.5.24, LTS SP1, and 2026.04 and earlier. The scope-changed CVSS designation reflects the cross-context impact typical of stored XSS - compromising the victim's browser session rather than just the server-side application. No public exploit code or CISA KEV listing has been identified at time of analysis.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47972 MEDIUM This Month

Stored XSS in Adobe Experience Manager (versions 6.5.24, LTS SP1, and 2026.04 and earlier) allows a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields within the platform's content authoring interface. When a victim - typically an administrator or higher-privileged user - browses the page containing the injected field, the script executes in their browser, enabling session hijacking, credential theft, or unauthorized privileged actions. No public exploit has been identified at time of analysis and this vulnerability is not listed in CISA KEV; however, the changed scope (S:C) in the CVSS vector elevates the effective impact beyond the originating component, making this a meaningful risk in environments with untrusted low-privilege authors.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47956 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager allows a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields, which executes in any victim's browser upon page visit. Affected versions span the 6.5.x LTS line through 6.5.24 and LTS SP1, as well as cloud-service releases through 2026.04. The CVSS Scope:Changed designation confirms the payload can affect browser contexts beyond the attacker's own session - elevating concern for privilege escalation against higher-privileged users such as administrators. No public exploit identified at time of analysis and no CISA KEV listing observed.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47951 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager allows a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields, which executes in the browsers of other users - including higher-privileged ones - who subsequently visit the affected page. Affected versions span 6.5.24, LTS SP1, and 2026.04 and earlier. The CVSS Scope:Changed designation indicates that successful exploitation can impact components beyond the attacker's privilege boundary, elevating the practical impact of an otherwise medium-severity finding. No public exploit code exists and this CVE is not listed in the CISA KEV catalog at time of analysis.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47950 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (AEM) 2026.04 and earlier allows an authenticated low-privileged attacker to permanently inject malicious JavaScript into vulnerable form fields within the CMS. When any user - including administrators - browses to the page containing the poisoned field, the script executes in their browser under AEM's origin, with scope change (S:C) enabling the attacker to affect browser context beyond AEM's own security boundary. No public exploit code or CISA KEV listing has been identified at time of analysis; however, the low access complexity and persistent nature of the payload make this a credible threat in multi-tenant or contributor-accessible AEM environments.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47949 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager allows a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields, which executes in the browsers of other users who visit the affected page. Affected versions span the 6.5.x branch (through 6.5.24), the LTS SP1 track, and the cloud-native 2026.04 release and earlier. The scope-changed CVSS rating reflects that the injected payload crosses the security boundary from the attacker's session context to arbitrary victim sessions, enabling session hijacking, credential harvesting, or UI redress attacks against higher-privileged users. No public exploit code has been identified at time of analysis, and no CISA KEV listing is present.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47948 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier enables a low-privileged authenticated attacker to persist malicious JavaScript in vulnerable form fields, executing in the browser of any user who subsequently views the affected page. The CVSS Scope Changed (S:C) designation confirms the injected script crosses trust boundaries, meaning payloads can target administrator sessions, exfiltrate tokens, or perform privileged actions beyond the AEM application context. Adobe has published advisory APSB26-56 addressing this issue; no public exploit has been identified at time of analysis.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47947 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (AEM) versions up to and including 6.5.24, LTS SP1, and 2026.04 allows an authenticated low-privileged attacker to inject and execute arbitrary JavaScript within a victim's browser by manipulating the client-side DOM environment through a crafted webpage. Successful exploitation results in a scope change (S:C), meaning attacker-controlled script can reach resources beyond the vulnerable AEM component - such as session tokens or cross-origin content accessible to the victim. No public exploit code has been identified at time of analysis and this CVE is not listed in CISA KEV, though Adobe's own PSIRT reported it under advisory APSB26-56.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47946 MEDIUM This Month

DOM-based Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier allows an authenticated attacker to inject and execute malicious JavaScript within a victim's browser by manipulating the Document Object Model. The CVSS Scope:Changed rating signals that successful exploitation breaks out of the vulnerable component's security boundary, enabling impact on resources beyond AEM itself - such as adjacent browser sessions or stored credentials. No public exploit identified at time of analysis, and CISA KEV listing is absent, but the low attack complexity and changed scope make this a meaningful risk for organizations running AEM with untrusted low-privilege users.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47945 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier allows a low-privileged authenticated attacker to inject malicious scripts into vulnerable form fields, which then execute in any victim's browser when they navigate to the affected page. The Changed scope (S:C) in the CVSS vector confirms that impact escapes the vulnerable component and reaches the victim's browser context, enabling session hijacking, credential theft, or unauthorized actions on behalf of the victim. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47944 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (versions up to 6.5.24, LTS SP1, and 2026.04) allows a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields within the platform. When a higher-privileged user - such as an administrator or content editor - subsequently browses to a page containing the poisoned field, the injected script executes in their browser, enabling session hijacking, credential theft, or unauthorized actions on their behalf. No public exploit has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog; Adobe has published advisory APSB26-56 to address this issue.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47943 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (AEM) versions up to and including 6.5.24, LTS SP1, and 2026.04 allows a low-privileged authenticated attacker to inject persistent malicious JavaScript into vulnerable form fields. When any user browses to the affected page, the script executes in their browser within a changed scope context, enabling session hijacking, credential theft, or unauthorized actions on behalf of the victim. No public exploit code has been identified at time of analysis, and the Adobe APSB26-56 advisory provides remediation guidance.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47942 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (versions 6.5.24, LTS SP1, and 2026.04 and earlier) permits a low-privileged authenticated attacker to persistently inject malicious JavaScript into vulnerable form fields, which then executes in any victim's browser upon visiting the affected page. The CVSS scope change (S:C) indicates the injected script can impact browser contexts beyond AEM itself - enabling session hijacking, credential harvesting, or UI redress attacks against higher-privileged users such as administrators. No public exploit has been identified at time of analysis, and CISA SSVC rates exploitation status as none with partial technical impact.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47941 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (versions 6.5.24, LTS SP1, 2026.04 and earlier) allows a low-privileged authenticated attacker to permanently inject malicious JavaScript into vulnerable form fields. When any user - including higher-privileged administrators - browses to the page containing the tainted field, the script executes in their browser under a changed scope (S:C), meaning the impact extends beyond the originating application context. No public exploit code or active exploitation via CISA KEV has been identified at time of analysis, but the low attack complexity and broad version range make this a realistic internal threat in multi-tenant AEM environments.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47939 MEDIUM This Month

Stored Cross-Site Scripting in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, and 2026.04 and earlier allows a low-privileged authenticated attacker to persistently inject malicious JavaScript into vulnerable form fields. When any user - including administrators - browses to the affected page, the injected script executes within their browser session. The CVSS Scope:Changed rating confirms the exploit crosses security boundaries: the attacker's injected payload affects victims beyond the attacker's own session, enabling session hijacking, credential theft, or privilege escalation in a CMS where administrators hold significant content control. No public exploit or CISA KEV listing has been identified at time of analysis.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-47936 MEDIUM This Month

Stored XSS in Adobe Experience Manager (AEM) versions 6.5.24, LTS SP1, 2026.04 and earlier allows a low-privileged authenticated attacker to persistently inject malicious JavaScript into vulnerable form fields via the AEM authoring interface. When any victim browses a page containing the compromised field, the injected script executes within their browser - the CVSS Scope Changed (S:C) flag confirms the impact crosses trust boundaries beyond the AEM application itself, enabling session theft or unauthorized actions on behalf of higher-privileged users. No public exploit identified at time of analysis; Adobe has published advisory APSB26-56 addressing this issue.

XSS Adobe
NVD
CVSS 3.1
5.4
EPSS
0.0%
Prev Page 4 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy