Skip to main content
CVE-2026-12174 HIGH POC This Week

Format string vulnerability in the D-Link DCS-935L 1.10.01 IP camera allows authenticated remote attackers to corrupt memory and likely achieve information disclosure or code execution by manipulating the data argument passed to snprintf within the /web/cgi-bin/greece/rhea HTTP handler. Publicly available exploit code exists per VulDB submission, though this CVE is not on the CISA KEV list. The CVSS 4.0 score of 7.4 reflects high impact on confidentiality, integrity, and availability with low-privilege authentication required.

D-Link Information Disclosure Dcs 935L
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.1%
CVE-2026-54230 HIGH This Week

Local privilege escalation via arbitrary root-owned file overwrite affects libreport's ABRT post-create event handler scripts on Red Hat Enterprise Linux 6, 7, and 8. The event scripts write output using shell redirections that lack the O_NOFOLLOW flag, so a local low-privileged user who plants a symlink in a writable crash-dump path can cause the root shell to follow it and clobber any file on the system, which can be leveraged for full system compromise. SSVC rates technical impact as total, but there is no public exploit identified at time of analysis and EPSS is negligible (0.02%, 5th percentile).

Information Disclosure Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-54228 HIGH This Week

Local privilege escalation in the abrt-dbus D-Bus service on Red Hat Enterprise Linux 6, 7, and 8 allows any unprivileged local user to win a TOCTOU race against the SetElement method, writing arbitrary text files into root-owned dump directories. By exploiting the gap between dump directory creation and post-create event execution, an attacker bypasses package validation and persists crash data for unpackaged binaries inside privileged paths, with no public exploit identified at time of analysis.

Denial Of Service Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-9848 HIGH This Week

SQL injection in the WP Ticket WordPress plugin (versions up to and including 6.0.4) allows unauthenticated remote attackers to inject arbitrary SQL via the WordPress front-end search query parameter `s`, enabling extraction of sensitive database contents. The flaw stems from concatenating the unslashed search term into a UNION sub-SELECT without using `$wpdb->prepare()`. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the unauthenticated network attack vector keeps risk meaningful on exposed sites.

WordPress SQLi Customer Support Ticket System Helpdesk
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-9109 HIGH This Week

Stored cross-site scripting in the GPTranslate - Multilingual AI Translation WordPress plugin (versions ≤ 2.31) allows unauthenticated attackers to inject arbitrary JavaScript into translated pages via the /wp-json/gptranslate/v1/request REST endpoint. Because the API key is deterministically derived as sha256(site_url) and exposed in every page's HTML as the gptApiKey JavaScript variable, any visitor can recover it and submit malicious translation payloads that execute in the browsers of subsequent visitors. No public exploit identified at time of analysis, but the exposed key makes exploitation trivial once the technique is known.

WordPress XSS Gptranslate Multilingual Ai Translation For Wordpress
NVD VulDB
CVSS 3.1
7.2
EPSS
0.2%
CVE-2026-5513 HIGH This Week

Stored cross-site scripting in the Bookly Online Scheduling and Appointment Booking System plugin for WordPress (versions through 27.2) allows remote unauthenticated attackers to inject arbitrary JavaScript via the 'bookly-customer-full-name' cookie, which is rendered without proper sanitization or output escaping. Exploitation is gated by the non-default 'Remember personal information in cookies' setting being enabled, and no public exploit identified at time of analysis. The flaw was reported by Wordfence and the upstream fix landed in changeset 3504922 in the WordPress plugin repository.

WordPress XSS Online Scheduling And Appointment Booking System Bookly
NVD VulDB
CVSS 3.1
7.2
EPSS
0.1%
CVE-2026-54229 HIGH This Week

Local privilege escalation in the abrt-dbus D-Bus service on Red Hat Enterprise Linux 6, 7, and 8 allows a low-privileged local user to race the ChownProblemDir method against still-running post-create event handlers. By invoking ChownProblemDir while privileged event scripts hold a write lock on the dump directory, the attacker gains filesystem ownership of files being written by root-context handlers, enabling tampering with privileged output and potential privilege escalation. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Race Condition Information Disclosure Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy