Skip to main content
CVE-2026-36808 HIGH This Week

Denial of service in Tenda W15E router firmware v15.11.0.10 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function. EPSS is extremely low at 0.02% and no public exploit identified at time of analysis beyond a research repository, though the affected component is the web administration interface of a SOHO/SMB router.

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36809 HIGH This Week

Denial of service in Tenda W15E router firmware v15.11.0.10 allows remote attackers to crash the device by sending a crafted HTTP request that triggers a buffer overflow in the webAuthWhiteID parameter of the formModifyWebAuthWhiteUser function. No public exploit identified at time of analysis and EPSS exploitation probability is very low (0.02%), but the network-reachable attack surface on a customer-premises router warrants timely mitigation. The flaw is limited to availability impact per the CVSS vector, with no confidentiality or integrity consequences claimed.

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36816 HIGH This Week

Denial of service in Tenda W15E router firmware v15.11.0.10 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that overflows a buffer in the wewifiWhiteUserInfo parameter handled by the formAddWewifiWhiteUser function. No public exploit identified at time of analysis, though a third-party research repository on GitHub references the vulnerable function, and EPSS is very low (0.02%, 4th percentile).

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-47737 HIGH PATCH GHSA This Week

Source IP spoofing in Puma Ruby web server versions 5.5.0 through 7.2.0 and 8.0.0 through 8.0.1 allows remote attackers to overwrite REMOTE_ADDR by injecting a second PROXY protocol v1 header between keep-alive requests on a persistent connection. Only deployments that explicitly enable `set_remote_address proxy_protocol: :v1` behind a trusted proxy are affected, and no public exploit identified at time of analysis. The flaw undermines any application or middleware logic that relies on client IP for access control, rate limiting, or auditing.

Authentication Bypass
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41851 HIGH PATCH This Week

Denial of service in VMware's Spring Framework (versions 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7) lets remote attackers exhaust memory in applications that evaluate user-supplied Spring Expression Language (SpEL) expressions, where crafted expressions trigger unbounded internal cache growth. No authentication or user interaction is required per the CVSS vector (PR:N/UI:N), and the impact is availability-only (C:N/I:N/A:H). There is no public exploit identified at time of analysis, and the EPSS probability is very low (0.01%, 2nd percentile), though CISA's SSVC framework flags the issue as automatable.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41850 HIGH PATCH This Week

Algorithmic denial of service in Spring Framework SpEL evaluation allows remote unauthenticated attackers to exhaust CPU/memory resources by submitting specially crafted Spring Expression Language expressions, degrading or crashing affected applications. Impacts Spring Framework 5.3.x through 7.0.x in any application that evaluates user-supplied SpEL. No public exploit identified at time of analysis, and the CVSS 7.5 score reflects high availability impact with no confidentiality or integrity compromise.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36806 HIGH This Week

Denial of service in Tenda W15E router firmware v15.11.0.10 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a stack buffer overflow in the webAuthUserPwd parameter of the formModifyWebAuthUser function. No public exploit identified at time of analysis, and EPSS scoring places exploitation probability at just 0.01% (2nd percentile), suggesting low near-term mass-exploitation likelihood despite the network-reachable attack surface. The flaw is not listed in CISA KEV.

Denial Of Service Buffer Overflow Stack Overflow Tenda N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36813 HIGH This Week

Denial of service in Tenda W15E router firmware version 15.11.0.10 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a stack-based buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. No public exploit identified at time of analysis, and EPSS scoring of 0.01% indicates very low predicted exploitation probability, though a research repository hosting analysis artifacts exists on GitHub.

Denial Of Service Buffer Overflow Stack Overflow Tenda N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36805 HIGH This Week

Denial of service in Tenda G0 router firmware v15.11.0.5 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers stack-based buffer overflows in the Saveqqlist function via the qqStr and markStr parameters. CVSS 7.5 reflects the network-reachable, no-privilege availability impact, while EPSS sits at 0.01% (2nd percentile) and no public exploit identified at time of analysis indicates limited near-term opportunistic exploitation despite the easy attack profile.

Denial Of Service Buffer Overflow Stack Overflow Tenda N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36799 HIGH This Week

Denial of service in Tenda G0 router firmware v15.11.0.5 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that overflows the portalAuth parameter handled by the formPortalAuth function. No public exploit is identified at time of analysis and EPSS exploitation probability is very low (0.01%), but a public proof-of-concept research repository on GitHub references the vulnerable function.

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36815 HIGH This Week

Denial of service in Tenda W15E router firmware v15.11.0.10 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request containing an oversized hostname parameter to the formSetNetCheckTools handler. The classic stack buffer overflow (CWE-120) currently shows no public exploit identified at time of analysis and a very low EPSS score of 0.01%, but the network-reachable management interface makes any exposed device trivially disruptable.

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36794 HIGH This Week

Denial of service in Tenda W3 Wireless Router firmware v1.0.0.3(2204) allows unauthenticated remote attackers to crash the device by sending crafted HTTP requests with oversized username or password parameters that overflow stack buffers in the R7WebsSecurityHandler function. The flaw affects the router's web management interface and carries a CVSS 7.5 (availability-only impact); no public exploit identified at time of analysis and EPSS exploitation probability is very low at 0.01%.

Denial Of Service Buffer Overflow Stack Overflow Tenda N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36783 HIGH This Week

Denial-of-service via stack buffer overflow affects the Tenda O3 wireless router firmware v1.0.0.5(4180), where the fromNetToolGet handler fails to bound-check the domain parameter supplied in HTTP requests. Remote attackers can crash the router's web management service by sending a crafted request, disrupting network connectivity for downstream clients. SSVC flags the issue as proof-of-concept with automatable exploitation and partial technical impact, though EPSS remains low at 0.01% and no in-the-wild exploitation has been confirmed.

Tenda Denial Of Service Stack Overflow Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36792 HIGH This Week

Denial of service in Tenda W3 Wireless Router firmware v1.0.0.3(2204) allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request containing a malicious wl_radio parameter to the formWifiRadioSet function. EPSS scoring (0.01%, 2nd percentile) indicates very low real-world exploitation probability, and no public exploit identified at time of analysis beyond a research repository referencing the vulnerable function.

Stack Overflow Tenda Denial Of Service Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36791 HIGH This Week

Denial of service in Tenda O3v3 firmware v1.0.0.5 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a stack buffer overflow in the formSetCfm handler. No public exploit identified at time of analysis, and EPSS is very low (0.01%), but the network-reachable, no-authentication attack surface on a CPE/router device makes this relevant for exposed deployments.

Denial Of Service Buffer Overflow Stack Overflow Tenda N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36797 HIGH This Week

Denial of service in Tenda G0 router firmware v15.11.0.5 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a stack buffer overflow in the formIPMacBindModify handler via the IPMacBindRuleIp parameter. No public exploit identified at time of analysis, EPSS is very low (0.01%), and SSVC reports no observed exploitation, though CISA's SSVC marks the attack as automatable with partial technical impact.

Denial Of Service Tenda Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36807 HIGH This Week

Denial of service in Tenda W15E router firmware v15.11.0.10 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a buffer overflow in the webAuthUserPwd parameter of the formAddWebAuthUser handler. CVSS 7.5 reflects the network-reachable, no-auth attack path with high availability impact but no confidentiality or integrity loss, and EPSS is very low (0.01%) with no public exploit identified at time of analysis.

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36801 HIGH This Week

Denial of service in Tenda G0 router firmware v15.11.0.5 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request to the formIPMacBindAdd handler with an oversized IPMacBindRule parameter. The flaw is a classic stack/heap buffer overflow (CWE-120) reachable over the network without authentication or user interaction, but its impact is limited to availability (CVSS 7.5, A:H only). No public exploit identified at time of analysis and EPSS exploitation probability is negligible at 0.01%.

Denial Of Service Buffer Overflow Tenda N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36779 HIGH This Week

Denial of service in Tenda O3 Wireless Router firmware v1.0.0.5(4180) allows remote unauthenticated attackers to crash the device by sending crafted HTTP requests that trigger stack buffer overflows in the fromVirtualSer function. Five distinct overflow sinks (puVar2, puVar1, __s2, __s1_00, puVar3) are reachable via the same handler. No public exploit identified at time of analysis, and EPSS rates exploitation likelihood at 0.01%, but a research repository with vulnerability artifacts is referenced.

Stack Overflow Tenda Denial Of Service Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36800 HIGH This Week

Denial of service in Tenda G0 router firmware v15.11.0.5 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a buffer overflow in the IPMacBindIndex parameter handler of the formIPMacBindDel function. No public exploit identified at time of analysis, and EPSS exploitation probability is very low (0.01%, 2nd percentile), but the network-reachable, no-auth attack surface on an edge networking device warrants attention from operators of affected hardware.

Tenda Denial Of Service Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36796 HIGH This Week

Denial of service in Tenda G0 router firmware v15.11.0.5 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request with an oversized picCropName parameter to the formCropAndSetWewifiPic handler. The flaw is a classic stack buffer overflow in the web management interface, and while no public weaponized exploit is identified, proof-of-concept research artifacts are published on GitHub. EPSS scores exploitation probability at just 0.01%, reflecting limited attacker interest despite trivial reachability.

Denial Of Service Tenda Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36793 HIGH This Week

Denial of service in Tenda W3 Wireless Router firmware v1.0.0.3(2204) allows remote unauthenticated attackers to crash the device by sending crafted HTTP requests that trigger stack-based buffer overflows in the formwrlSSIDset handler. The flaw is reachable without authentication or user interaction (CVSS 7.5, AV:N/AC:L/PR:N), but EPSS is only 0.01% and no public exploit identified at time of analysis suggests low near-term mass-exploitation likelihood despite the trivial attack surface.

Denial Of Service Buffer Overflow Stack Overflow Tenda N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41848 HIGH PATCH This Week

Denial of service in Spring Framework's AntPathMatcher allows remote unauthenticated attackers to exhaust CPU resources via Regular Expression Denial of Service (ReDoS) when attacker-controlled patterns are passed to match(), matchStart(), or extractUriTemplateVariables(). Affects Spring Framework 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7. No public exploit identified at time of analysis, EPSS is very low (0.01%, 2nd percentile), and SSVC indicates no observed exploitation.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-9185 HIGH This Week

Unauthenticated tenant data disclosure in the 6Storage Rentals WordPress plugin (versions up to and including 2.22.0) allows remote attackers to read and modify arbitrary tenant profile records - including names, emails, phone numbers, physical addresses, and SSNs - by enumerating numeric userId values. The flaw stems from AJAX handlers exposed via wp_ajax_nopriv_* hooks without ownership checks or nonce validation. No public exploit identified at time of analysis, but the bug is trivially scriptable and reported by Wordfence.

Authentication Bypass WordPress
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-36821 HIGH This Week

Denial of service in Tenda W20E router firmware v15.11.0.6 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a stack-based buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. No public exploit identified at time of analysis, though a research write-up referencing the vulnerable function exists in a public GitHub repository. The combination of network-reachable attack surface, no authentication requirement, and low complexity makes opportunistic abuse against exposed admin interfaces realistic.

Denial Of Service Tenda Stack Overflow Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-36771 HIGH This Week

Denial-of-service in the Tenda W3 Wireless Router (firmware v1.0.0.3(2204)) allows remote unauthenticated attackers to crash the device by sending crafted input to the wl_radio parameter of the formwrlSSIDset function, triggering a stack-based buffer overflow. Publicly available exploit research exists in a GitHub repository, but no public exploit identified for weaponized use at time of analysis and the issue is not listed in CISA KEV. The CVSS 7.5 score reflects high availability impact without confidentiality or integrity loss.

Denial Of Service Tenda Stack Overflow Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36823 HIGH This Week

Denial of service in Tenda W20E router firmware v15.11.0.6 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a stack buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function. No public exploit identified at time of analysis, though a researcher-published proof-of-concept repository on GitHub documents the issue. EPSS and KEV data are not provided, but the network-reachable, no-auth, no-interaction CVSS vector makes this a credible risk for any exposed management interface.

Denial Of Service Tenda Stack Overflow Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-36822 HIGH This Week

Denial of service in Tenda W20E router firmware v15.11.0.6 allows unauthenticated remote attackers to crash the device by sending a crafted HTTP request containing an oversized macAddr parameter to the formDelStaState handler. The flaw is a stack-based buffer overflow with high availability impact and no confidentiality/integrity loss per CVSS, and no public exploit identified at time of analysis beyond a research repository on GitHub.

Denial Of Service Tenda Stack Overflow Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-36820 HIGH This Week

Denial of service in Tenda W20E router firmware v15.11.0.6 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a stack-based buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function. No public exploit identified at time of analysis, though a research repository documenting the flaw is referenced. The CVSS 7.5 (High) score reflects pure availability impact with no confidentiality or integrity loss.

Denial Of Service Tenda Stack Overflow Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-36770 HIGH This Week

Remote denial of service in Tenda US_W3V1.0BR router firmware v1.0.0.3 allows unauthenticated network attackers to crash the device by sending a crafted value in the 'Go' parameter to the ask_to_reboot function, triggering a stack-based buffer overflow. No public exploit identified at time of analysis, though a third-party research repository on GitHub references the vulnerable function.

Denial Of Service Tenda Stack Overflow Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36819 HIGH This Week

Denial of service in Tenda W20E router firmware v15.11.0.6 allows unauthenticated remote attackers to crash the device by sending a crafted HTTP request that triggers a stack buffer overflow in the bindMACAddr parameter of the fromSetDhcpRules function. The CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) reflects easy network-based exploitation with high availability impact but no confidentiality or integrity loss, and no public exploit identified at time of analysis beyond a research repository reference.

Denial Of Service Tenda Stack Overflow Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-39169 HIGH This Week

Unauthorized access in SEMCMS 5.0 allows remote attackers to reach the SEMCMS_copy.php endpoint without authentication, exposing sensitive functionality intended to be restricted. The CVSS 7.5 score reflects high confidentiality impact with no integrity or availability effect, and no public exploit identified at time of analysis beyond a referenced gist. The flaw stems from improper access control (CWE-284) in a PHP-based content management system.

PHP Authentication Bypass N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-47960 HIGH This Week

Arbitrary file read in Adobe ColdFusion 2023.19, 2025.8 and earlier allows remote unauthenticated attackers to exfiltrate sensitive files from the host filesystem via a malicious XML document that a victim opens through the application. The scope-changed CVSS 7.4 reflects that exploitation can impact resources beyond ColdFusion's own security context, though success hinges on user interaction. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

XXE Coldfusion
NVD
CVSS 3.1
7.4
EPSS
0.1%
CVE-2026-11572 HIGH PATCH This Week

Command injection in the npm package degit (versions before 2.8.6 and 3.0.0 through 3.3.0) lets a remote attacker run arbitrary OS commands on a victim's host when the victim is induced to run degit against a maliciously crafted repository name. The flaw stems from unsanitised user input being concatenated into shell strings inside _cloneWithGit() and fetchRefs(); publicly available exploit code exists (a PoC gist is linked from the NVD references and CVSS reports E:P), but the issue is not in CISA KEV.

Command Injection
NVD GitHub VulDB
CVSS 4.0
7.4
EPSS
0.1%
CVE-2026-41720 HIGH PATCH This Week

Authentication bypass in Spring LDAP's DirContextAuthenticationStrategy allows remote unauthenticated attackers to succeed at LDAP bind operations by supplying any non-empty username paired with an empty or null password, due to the framework failing to reject such anonymous-equivalent bind requests. Affected releases span Spring LDAP 2.4.0-2.4.4, 3.2.0-3.2.17, 3.3.0-3.3.7, and 4.0.0-4.0.3, putting Java applications that delegate authentication to these libraries at risk of impersonating arbitrary users. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Authentication Bypass Java Spring Ldap
NVD HeroDevs VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-46320 HIGH PATCH This Week

Denial-of-service via memory exhaustion in the Linux kernel's tap/vhost_net XDP path allows adjacent network attackers to leak kernel page-frag memory by sending malformed frames over a tap device. The bug in tap_get_user_xdp() fails to free pages allocated by vhost_net_build_xdp() on the error paths for undersized frames (<ETH_HLEN) and build_skb() allocation failures, with each rejected frame in a batch leaking one page-frag chunk. EPSS is 0.02% and no public exploit identified at time of analysis; not listed in CISA KEV.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-34181 HIGH PATCH This Week

Integrity-check bypass in OpenSSL 3.4.x, 3.5.x, 3.6.x, and 4.0.0 allows PKCS#12 files protected with PBMAC1 to be accepted even when secured by dangerously short HMAC keys, undermining the authentication of the keystore contents. Vendor patches are available in 3.4.6, 3.5.7, 3.6.3, and 4.0.1, and no public exploit identified at time of analysis; EPSS is 0.00% and the issue is not on the CISA KEV list.

Information Disclosure OpenSSL Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-46328 HIGH PATCH This Week

Local privilege/availability impact in the Linux kernel AppArmor subsystem stems from incomplete rlimit handling for POSIX CPU timers, where setting an rlimit through AppArmor policy did not propagate to the POSIX CPU timer machinery. A local low-privileged user operating under an AppArmor-confined profile can leverage the inconsistent limit enforcement to disrupt CPU-time accounting and cause high-impact availability effects on the system. No public exploit identified at time of analysis, and EPSS rates likelihood of exploitation at only 0.02% (7th percentile).

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-24180 HIGH This Week

Heap-based buffer overflow in NVIDIA DALI enables local authenticated attackers to achieve code execution, data tampering, denial of service, or information disclosure when a victim user interacts with attacker-supplied input. The flaw affects the Data Loading Library used in GPU-accelerated deep learning data pipelines and carries a CVSS 3.1 score of 7.3 (High). No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Nvidia Heap Overflow RCE Information Disclosure Buffer Overflow +1
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-24181 HIGH This Week

Local code execution and data tampering in NVIDIA DALI (Data Loading Library) is possible when a low-privileged user is tricked into processing attacker-controlled input through a component that performs improper index validation (CWE-129). The CVSS 7.3 vector (AV:L/AC:L/PR:L/UI:R) indicates local access, low privileges, and user interaction are required, with high impact across confidentiality, integrity, and availability. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Denial Of Service Information Disclosure Nvidia RCE
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-2638 HIGH PATCH This Week

Local privilege escalation in X-VPN for macOS (website-distributed versions 77.0 through 77.5) allows a low-privileged local attacker to corrupt privileged files by abusing a race condition (TOCTOU) and symlink manipulation in the quarantine and restore workflow. Discovered and reported by Fluid Attacks, the issue is patched by the vendor; no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Apple Information Disclosure X Vpn Macos Website
NVD
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-9753 HIGH PATCH This Week

Memory disclosure and denial-of-service in MongoDB Server allows any authenticated user with aggregate command privileges to crash the database or read out-of-bounds memory by submitting a malformed binary diff through the $_internalApplyOplogUpdate aggregation pipeline stage. The flaw stems from inadequate validation of the binary diff document structure consumed by an internal oplog replay operator that is unexpectedly reachable from user-facing aggregation queries. No public exploit identified at time of analysis, but the low privilege bar and network attack vector make this a meaningful threat in multi-tenant or shared-credential MongoDB deployments.

Denial Of Service Mongodb Server
NVD
CVSS 4.0
7.2
EPSS
0.1%
CVE-2026-10727 HIGH This Week

Command injection in Ivanti Endpoint Manager Mobile (EPMM) versions prior to 12.9.0.1, 12.8.0.3, and 12.7.0.2 enables an authenticated administrator with high privileges to execute arbitrary OS commands as root on the underlying server. No public exploit identified at time of analysis, and the issue is not currently listed on the CISA KEV catalog, but Ivanti EPMM has a history of being a high-value target for nation-state actors which elevates real-world urgency. The high-privilege precondition limits opportunistic abuse but the root-level outcome makes this a credible privilege-escalation and lateral-movement vector.

Ivanti Command Injection
NVD
CVSS 3.1
7.2
EPSS
0.4%
CVE-2026-47343 HIGH PATCH GHSA This Week

Authorization bypass in TYPO3 CMS allows non-privileged backend users with file mount access to perform write operations (move, delete, rename) on the root folders of their assigned file mounts, which were intended to be protected. The flaw affects TYPO3 versions before 10.4.57, 11.0.0-11.5.50, 12.0.0-12.4.45, 13.0.0-13.4.30, and 14.0.0-14.3.2, with CVSS 4.0 score 7.2 (High). No public exploit identified at time of analysis.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
7.2
EPSS
0.0%
CVE-2026-7556 HIGH This Week

Stored cross-site scripting in the FV Flowplayer Video Player WordPress plugin (versions through 7.5.49.7212) allows remote attackers to inject persistent JavaScript via the comment text field, which executes in any visitor's browser when the affected page is loaded. The flaw stems from insufficient input sanitization and output escaping in the comment-parsing routine and is reachable only when the non-default 'Parse Vimeo and YouTube links' (parse_comments) option is enabled and an administrator approves the malicious comment. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV.

XSS WordPress
NVD
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-47288 HIGH PATCH NEWS This Week

Remote code execution in Microsoft Windows Kerberos implementation allows an authenticated attacker on an adjacent network segment to trigger an integer overflow and execute arbitrary code. The flaw is rated CVSS 7.1 (High) with high attack complexity and requires low-level privileges, and at the time of analysis there is no public exploit identified. Because Kerberos is a core authentication service in Windows domain environments, successful exploitation has direct implications for domain trust and identity security.

Microsoft Integer Overflow Buffer Overflow
NVD VulDB
CVSS 3.1
7.1
EPSS
0.3%
CVE-2026-9750 HIGH PATCH This Week

MongoDB Server exposes an availability and data integrity risk allowing any low-privileged authenticated user to crash the mongod process or obtain incorrect query results by inserting specially crafted documents. The root cause - insufficient separation between user-controlled document fields and internal execution metadata (CWE-617: Reachable Assertion) - means the attack surface is the normal document write workflow, requiring no elevated roles. CVSS 6.5 (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) is consistent with this profile: network-reachable, low complexity, low-privilege; no public exploit or CISA KEV listing has been identified at time of analysis.

Denial Of Service Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-9748 HIGH PATCH This Week

Remote denial-of-service in MongoDB Server allows an authenticated user to crash the mongod process by submitting an aggregation pipeline that places the $_internalConvertBucketIndexStats stage upstream of a $facet stage. The misuse of the internal PauseExecution signal trips a hard invariant assertion in TeeBuffer, terminating the database process. No public exploit identified at time of analysis, and the issue is tracked in MongoDB's internal tracker SERVER-123951.

Denial Of Service Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-8045 HIGH CISA This Week

Server-side file disclosure in Schneider Electric EcoStruxure IT Data Center Expert v9.1.1 and prior allows authenticated users to read arbitrary files on the underlying host by submitting crafted XML payloads to SOAP service endpoints. The flaw stems from improper restriction of XML External Entity references (CWE-611) in the SOAP API. No public exploit identified at time of analysis, but CISA SSVC marks the issue as automatable with partial technical impact.

XXE Information Disclosure Ecostruxure It Data Center Expert
NVD VulDB
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-9752 HIGH PATCH This Week

Denial of service in MongoDB Server allows an authenticated user to crash the database process by issuing a geospatial query backed by a 2dsphere index where the indexed field holds a GeoJSON GeometryCollection containing a Polygon defined with a strict-winding CRS. The flaw is a CWE-476 null pointer dereference reached because the rejection guard for unsupported strict-winding polygons does not recurse into GeometryCollection members. No public exploit identified at time of analysis and the issue is not on the CISA KEV list.

Denial Of Service Null Pointer Dereference Mongodb Server
NVD
CVSS 4.0
7.1
EPSS
0.0%
Prev Page 7 of 8 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy