Skip to main content
CVE-2026-27771 HIGH POC PATCH THREAT Act Now

Broken access control in Gitea's Composer package registry (versions up to and including 1.26.1) lets remote attackers read private or internal Composer package source links they should not be authorized to see, leaking internal repository/source metadata. The flaw is a missing-authorization (CWE-862) issue reported by the Gitea project itself and fixed in v1.26.2; no public exploit identified at time of analysis, and it is not listed in CISA KEV. With a CVSS 3.0 base score of 8.2 driven by high confidentiality impact, the practical effect is unauthorized disclosure of otherwise-private package sourcing information.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.0
8.2
EPSS
40.7%
Threat
4.4
CVE-2026-14606 HIGH POC This Week

Stack-based buffer overflow in RT-Thread RTOS (versions up to and including 5.0.2) affects the CAN_Receive function within the Synwit SWM341 board support package's CAN handler, allowing a local low-privileged attacker to corrupt the stack and potentially achieve code execution or crash the device. The flaw carries a CVSS 4.0 base score of 7.1, and publicly available exploit code exists. The vendor was contacted but did not respond, and there is no public evidence of active exploitation.

Buffer Overflow Stack Overflow Rt Thread
NVD VulDB GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-14605 HIGH POC This Week

Stack-based buffer overflow in RT-Thread RTOS (versions up to and including 5.0.2) affects the recvmsg function within the ls1c CAN handler (bsp/loongson/ls1cdev/libraries/ls1c_can.h) for the Loongson LS1C board support package. A local attacker with low privileges can manipulate the recvmsg call path to overflow a stack buffer, corrupting memory to achieve code execution or crash the device. Publicly available exploit code exists (VulDB), but there is no public exploit identified as actively used in the wild; this is not on CISA KEV, and no vendor patch has been identified as the vendor did not respond to disclosure.

Buffer Overflow Stack Overflow Rt Thread
NVD VulDB GitHub
CVSS 4.0
7.1
EPSS
0.1%
CVE-2026-47896 HIGH PATCH This Week

Path traversal (CWE-22) in the Apache Lucene.Net.Replicator library lets remote attackers read files outside the intended index directory by supplying crafted pathnames to the replication service, disclosing arbitrary server-side files. All releases from 4.8.0-beta00005 through 4.8.0-beta00017 are affected, and Apache fixed it in 4.8.0-beta00018. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the CVSS 4.0 base score of 8.9 (High) reflects unauthenticated network access and high confidentiality impact including a subsequent-system scope change.

Path Traversal Apache Lucene Net
NVD
CVSS 4.0
8.9
EPSS
0.5%
CVE-2026-47897 HIGH PATCH This Week

Path traversal in the Apache Lucene.Net.Replicator library (versions 4.8.0-beta00005 through 4.8.0-beta00017) allows a remote, unauthenticated attacker to read files outside the intended index-replication directory by supplying crafted pathnames during index synchronization. The flaw is a CWE-22 restricted-directory bypass confined to file disclosure; there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though the vendor-supplied CVSS 4.0 base score of 8.9 reflects high confidentiality impact across a scope boundary. Exploitation is gated by high attack complexity and specific attack requirements, making practical abuse less trivial than the raw score suggests.

Path Traversal Apache Lucene Net
NVD
CVSS 4.0
8.9
EPSS
0.4%
CVE-2026-58424 HIGH PATCH This Week

Authorization bypass in Gitea's Gitea Actions fork pull-request approval gate lets a low-privileged contributor permanently defeat the maintainer approval step that normally guards workflow execution on fork PRs, so that after the initial gate is subverted the attacker's workflow code runs against the repository's CI runners and secrets. CVSS is 8.9 (high) with a scope change and high integrity/availability impact; no public exploit has been identified at time of analysis, but a vendor patch (v1.26.4) is available. The flaw is classed as CWE-285 (Improper Authorization) and was self-reported by the Gitea project.

Authentication Bypass Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
8.9
EPSS
0.2%
CVE-2026-57981 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free memory corruption flaw (CWE-416) that lets an unauthenticated attacker run arbitrary code when a victim visits a malicious web page. All Edge Chromium versions prior to the vendor-patched build are affected, and the CVSS 3.1 base score is 8.8 (High). There is no public exploit identified at time of analysis, and it is not listed in CISA KEV; exploitation requires user interaction such as browsing to attacker-controlled content.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-57974 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) allows an unauthenticated attacker to run arbitrary code by luring a victim to a malicious web page that triggers an integer overflow (CWE-190). The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R) indicates network-based exploitation requiring user interaction, with high confidentiality, integrity, and availability impact. Microsoft has released a fix; no public exploit has been identified at time of analysis, and the flaw is not listed in CISA KEV.

Integer Overflow Buffer Overflow Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-56645 HIGH PATCH Exploit Unlikely This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a heap-based buffer overflow (CWE-122) that a network attacker can trigger when a victim renders crafted web content. The CVSS 3.1 base score is 8.8 with a network vector requiring user interaction (UI:R), and Microsoft has released an official fix (RL:O). No public exploit identified at time of analysis — the temporal metric E:U marks exploit code as unproven — and it is not listed in CISA KEV.

Heap Overflow Microsoft Buffer Overflow Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2026-57985 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) before version 150.0.4078.48 allows an unauthenticated remote attacker to run arbitrary code when a victim is lured into loading attacker-controlled web content. The flaw stems from improper input validation (CWE-20) and carries a high-severity CVSS of 8.8, though it requires user interaction and has no public exploit identified at time of analysis. EPSS risk is low (0.42%, 34th percentile) and CISA SSVC currently rates exploitation status as none.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2026-27775 HIGH PATCH This Week

Privilege escalation in Gitea 1.25.5 lets a user holding a per-branch maintainer-edit grant reuse that write permission against other refs and obtain full repository write access. The flaw stems from a branch-specific permission result being cached and incorrectly reused across multiple refs within a single pre-receive hook session. It is an authenticated authorization-bypass (CWE-863) fixed in Gitea 1.26.3; no public exploit has been identified and EPSS exploitation probability is low (0.20%).

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14459 HIGH PATCH This Week

Local privilege escalation via argument injection in TUBITAK BILGEM's pardus-software (the software-center application for the Turkish Pardus Linux distribution) affects all versions up to and including 1.0.4. A low-privileged local user can smuggle attacker-controlled argument delimiters into a command the application invokes with elevated privileges, yielding full compromise of the host (confidentiality, integrity, and availability all high) with no user interaction. No public exploit has been identified at time of analysis, and the issue is not on CISA KEV; it is fixed in version 1.0.5.

Code Injection Pardus Software
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14460 HIGH PATCH This Week

Local privilege escalation via argument injection in TUBITAK BILGEM's pardus-software (the Pardus Linux application/software center) affects versions up to and including 1.0.4 and is fixed in 1.0.5. A low-privileged local user can abuse a missing authorization check (CWE-862) to inject attacker-controlled arguments into a privileged backend operation, and because the CVSS scope is Changed with High confidentiality, integrity, and availability impact, this realistically yields code execution or full compromise of the underlying system. No public exploit has been identified at time of analysis and it is not listed in CISA KEV, but the 8.8 CVSS and scope change make it a serious local escalation issue.

Authentication Bypass Pardus Software
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-10054 HIGH PATCH This Week

Cross-site WebSocket hijacking in Eclipse Theia's browser backend (versions 1.8.1 and later) lets a foreign-origin web page reach the unauthenticated /services shell-terminal RPC namespace and execute arbitrary OS commands on the victim's host. The flaw stems from fail-open Origin validation in @theia/core combined with a client-controllable fix-origin header, so simply luring a developer running Theia to a malicious site yields remote code execution. There is no public exploit identified at time of analysis, and CVSS is rated 8.8 (High) driven by the user-interaction-only barrier.

Information Disclosure Eclipse Theia
NVD GitHub
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-10055 HIGH PATCH This Week

Server-side request forgery in Eclipse Theia (version 1.26.0 and later) lets a low-privileged user connected to the /services messaging endpoint coerce the backend into fetching an attacker-supplied URL and returning the full response body, exposing localhost admin interfaces and cloud instance metadata that sit behind the browser network boundary. The flaw is exploitable by any client with access to the Theia service connection, making multi-tenant and publicly-reachable deployments the primary concern. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

SSRF Eclipse Theia
NVD GitHub
CVSS 3.1
8.5
EPSS
0.3%
CVE-2026-8921 HIGH This Week

Local privilege escalation to SYSTEM in ASUS Business Manager lets a low-privileged local user run arbitrary code by tampering with an inter-process communication (IPC) message that the software's privileged service trusts. Because the SYSTEM-level component controls a file name or path based on attacker-influenced IPC input (CWE-73), a standard user can coerce it into loading or executing attacker-chosen content. No public exploit has been identified at time of analysis and the flaw is not listed in CISA KEV; ASUS is the reporter and has issued a security advisory.

RCE Asus Business Manager
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2022-4989 HIGH This Week

** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests,. Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Ai Suite 3
NVD
CVSS 4.0
8.5
EPSS
0.1%
CVE-2026-58289 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) before 150.0.4078.48 allows an unauthenticated attacker to run arbitrary code when a victim is lured to a malicious web page, via a type-confusion flaw (CWE-843) in the browser engine. The CVSS:3.1 score is 8.3 with a scope change (S:C), indicating a likely sandbox/renderer boundary escape, though exploitation carries high attack complexity and requires user interaction. There is no public exploit identified at time of analysis and CISA SSVC records exploitation status as none, with EPSS at 0.53% (41st percentile).

Memory Corruption Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
8.3
EPSS
0.5%
CVE-2026-58288 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthenticated, network-based attacker can trigger to run arbitrary code in the browser process. Exploitation requires the victim to interact — typically by visiting a malicious or compromised web page — and the CVSS 3.1 score of 8.3 reflects high attack complexity plus a scope change consistent with a renderer sandbox escape. There is no public exploit identified at time of analysis and no CISA KEV listing, though the underlying Chromium engine origin (tags reference Google) means a shared upstream root cause across Chromium browsers is likely.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.4%
CVE-2026-58285 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) via a type-confusion flaw (CWE-843) lets an unauthorized attacker run arbitrary code when a victim is lured to malicious web content. The CVSS 3.1 base score is 8.3 with a scope change, reflecting a likely renderer-to-sandbox impact, but exploitation requires user interaction and has high attack complexity. No public exploit has been identified at time of analysis and it is not listed in CISA KEV; a vendor patch is available via Microsoft's MSRC update guide.

Memory Corruption Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
8.3
EPSS
0.4%
CVE-2026-58287 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) allows an unauthorized attacker to run arbitrary code when a victim views attacker-controlled web content, stemming from a use-after-free memory-corruption flaw (CWE-416). The scope-changed CVSS vector (S:C) indicates the bug can breach the browser's sandbox boundary. Microsoft has released a fix; there is no public exploit identified at time of analysis (CVSS E:U) and it is not listed in CISA KEV.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.4%
CVE-2026-58284 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) allows an unauthorized attacker to break out of the browser's security boundary and run arbitrary code when a victim is lured to malicious web content. Rooted in an improper authorization flaw (CWE-285) with a scope-changing CVSS 8.3 (AV:N/AC:H/PR:N/UI:R/S:C), exploitation requires user interaction and high attack complexity. No public exploit identified at time of analysis, and it is not listed in CISA KEV, so exploitation is currently theoretical rather than observed.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
8.3
EPSS
0.4%
CVE-2026-58295 HIGH PATCH This Week

Security-feature bypass in Microsoft Edge (Chromium-based) stems from a type-confusion (CWE-843) flaw that a remote, unauthenticated attacker can trigger over the network to defeat a browser security boundary. Microsoft has published a fix via its Update Guide (CVE-2026-58295), and the issue carries a CVSS 8.3 with a scope change reflecting the crossed trust boundary. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Memory Corruption Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
8.3
EPSS
0.4%
CVE-2026-58423 HIGH PATCH This Week

Authentication bypass in Gitea's Git LFS (Large File Storage) SSH handling allows a low-privileged authenticated user to read files from private repositories they should not access by supplying a malformed SSH sub-verb, per the Gitea security advisory GHSA-7wvc-rvp7-w99x. Because the flaw crosses a security boundary (CVSS scope change) it exposes confidential repository contents without any integrity or availability impact. No public exploit has been identified at time of analysis, and it is not listed in CISA KEV, but a vendor patch is available in Gitea 1.26.4.

Authentication Bypass Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.7
EPSS
0.3%
CVE-2026-58293 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) before version 150.0.4078.48 lets an unauthorized attacker run arbitrary code when a victim is lured to interact with attacker-controlled content, stemming from external control of a file name or path (CWE-73). The flaw is network-reachable but non-trivial to exploit, requiring user interaction and high attack complexity, and there is no public exploit identified at time of analysis. Microsoft has released a patched build, and EPSS estimates a low 0.53% exploitation probability with SSVC reporting no observed exploitation.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2026-14352 HIGH This Week

Arbitrary file read in the AR for WooCommerce WordPress plugin (all versions through 8.40) lets unauthenticated attackers traverse directories via the 'file' parameter of AJAX-driven secure-download handlers, exposing wp-config.php, credentials, and other sensitive server files. The vulnerability is notable because three independent access controls - nonce validation, AES-256-CBC payload encryption, and a Referer check - each fail on default free installations, collapsing what looks like a defended endpoint into an open file-disclosure primitive. No public exploit identified at time of analysis, but the flaw is trivially reachable and was reported by Wordfence.

WordPress Path Traversal Ar For Woocommerce
NVD VulDB
CVSS 3.1
7.5
EPSS
0.5%
CVE-2026-14327 HIGH This Week

Arbitrary file disclosure in the AR for WordPress plugin (versions up to and including 8.40) lets unauthenticated remote attackers read any file the web server can access via a path-traversal payload in the 'file' parameter of its secure-download handler. Exploitation is gated by a nonce and encryption-key check, but both can be satisfied remotely on default free or unlicensed installations, exposing wp-config.php and other secrets. No public exploit identified at time of analysis and the flaw is not in CISA KEV, though the vendor (Wordfence) documents the full unauthenticated bypass path.

WordPress Path Traversal Ar For Wordpress
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2026-58276 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free memory corruption flaw (CWE-416) that an unauthorized network attacker can trigger to run arbitrary code in the browser process. Exploitation requires the victim to interact with attacker-controlled content (UI:R) and involves high attack complexity (AC:H), so a user must be lured to a malicious or compromised page. No public exploit has been identified at time of analysis, and the issue is not listed in CISA KEV; Microsoft has released a fix.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-57986 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free memory-corruption bug (CWE-416) that an unauthorized attacker can trigger over the network to run arbitrary code in the browser's context. Exploitation requires the victim to interact with attacker-controlled web content and the CVSS vector flags high attack complexity, so successful attacks are not trivial. There is no public exploit identified at time of analysis and no CISA KEV listing, but a vendor patch is available from Microsoft.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-57992 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) lets an unauthenticated attacker run arbitrary code when a victim is lured into loading attacker-controlled web content that triggers a use-after-free memory corruption. The flaw carries a CVSS 3.1 base of 7.5 and requires user interaction, and the CVSS temporal metrics (E:U, RL:O, RC:C) indicate the issue is confirmed and officially patched with no public exploit identified at time of analysis. Because Edge shares Chromium's rendering engine, the underlying defect is likely rooted in an upstream Chromium/Blink component (the intel tags also reference Google).

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-57984 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthenticated attacker can trigger over the network when a victim loads attacker-controlled web content. Microsoft has released an official fix and rates the issue 7.5 (High), tempered by high attack complexity and required user interaction; the CVSS temporal data marks exploit maturity as Unproven (E:U), so there is no public exploit identified at time of analysis and no CISA KEV listing. The vendor tags ('Google', 'Use After Free', 'Denial Of Service') indicate this most likely tracks an upstream Chromium engine defect inherited by Edge.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-57975 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a type-confusion flaw (CWE-843) that an unauthenticated attacker can trigger when a victim visits a malicious web page. Microsoft has released an official fix, and while exploit maturity is currently unproven (no public exploit identified at time of analysis), the high confidentiality, integrity, and availability impact combined with network reach makes it a meaningful browser patch. The CVSS 3.1 base score is 7.5 with high attack complexity and required user interaction, tempering real-world exploitability.

Memory Corruption Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-4967 HIGH This Week

Remote denial of service in the IMS (IP Multimedia Subsystem) implementation of Unisoc mobile chipsets allows an unauthenticated remote attacker to crash the affected component via an out-of-bounds read triggered by a missing bounds check. The flaw spans a broad range of Unisoc SoCs (SC7731E, SC9832E, SC9863A, T310/T610/T618, T7200-series, T8100/T8200/T8300, T9100) commonly used in budget Android smartphones. It carries CVSS 7.5 with availability-only impact and no confidentiality or integrity effect; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Buffer Overflow Sc7731E Sc9832E Sc9863A T310 T610 T618 T7200 T7225 T7250 T7255 T7280 T7300 T8100 T9100 T8200 T8300
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-58294 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthorized, remote attacker can trigger to run arbitrary code. Exploitation requires the victim to interact with attacker-controlled web content, and the CVSS 3.1 vector marks high attack complexity (AC:H) despite requiring no privileges (PR:N). Microsoft has released a fix; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-58292 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) lets an unauthenticated attacker run code on a victim's machine when the user is lured into interacting with attacker-controlled web content. The flaw stems from improper input validation (CWE-20) and, per its CVSS scope-change metric, is consistent with a renderer/sandbox boundary escape. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-58299 HIGH PATCH This Week

Remote code execution in Microsoft Edge for Android (Chromium-based) arises from a time-of-check to time-of-use (TOCTOU) race condition that an unauthenticated network attacker can win to run arbitrary code, though success requires the victim to interact (UI:R) and the timing window makes exploitation high-complexity. Microsoft (self-reported) has shipped an official fix, and the temporal signals (E:U, RC:C) indicate no public exploit identified at time of analysis despite confirmed technical validity. The flaw is credited to Microsoft/Google collaboration and tagged as an authentication-bypass-class issue.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-57991 HIGH PATCH This Week

Information disclosure in Microsoft Edge (Chromium-based) lets a remote attacker read sensitive data by abusing improper symbolic/link resolution (CWE-59) when a victim interacts with attacker-controlled content. Exploitation requires user interaction (UI:R) but no authentication (PR:N), and the scope-changed impact (S:C) indicates data is exposed beyond the browser's own security boundary. Microsoft has released a fix; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Information Disclosure Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.4
EPSS
0.8%
CVE-2026-58290 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a type confusion flaw (CWE-843) that an unauthorized attacker can trigger over the network to run arbitrary code, provided the victim interacts with attacker-controlled web content. Microsoft self-reported and has shipped a fix; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The high attack complexity (AC:H) and required user interaction (UI:R) temper an otherwise network-reachable, unauthenticated attack surface.

Memory Corruption Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-25038 HIGH PATCH This Week

Gitea 1.26.2 allows unauthorized users to access labels of private organizations.

Gitea Information Disclosure Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-24451 HIGH PATCH This Week

Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized.

Gitea Information Disclosure Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-26307 HIGH PATCH This Week

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources.

Denial Of Service Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-58419 HIGH PATCH This Week

Information disclosure in Gitea Open Source Git Server (through 1.26.2) allows a user whose repository access has been revoked to continue viewing private issue metadata via the Notification API, because notification records are not purged or re-authorized when permissions change. The CVSS 3.1 base score is 7.5 (C:H) and the vendor (Gitea) fixed it in 1.26.3/1.26.4. No public exploit identified at time of analysis, and EPSS is low (0.17%, 7th percentile), indicating limited near-term exploitation likelihood.

Information Disclosure Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-27657 HIGH PATCH This Week

Gitea versions before 1.25.5 allow a user to change another user's primary email address.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-27779 HIGH PATCH This Week

Canonical URL spoofing in Gitea before 1.25.5 lets remote attackers inject malformed X-Forwarded-Proto values that the server trusts when computing its public-facing URL, causing it to emit attacker-controlled canonical links (e.g. in emails, redirects, and generated absolute URLs). No public exploit identified at time of analysis, and the low EPSS score (0.17%, 6th percentile) reflects minimal in-the-wild interest, but a vendor patch is available in v1.25.5. Note that the published CVSS vector claims availability impact (A:H) while the description describes URL spoofing (an integrity concern), a discrepancy worth verifying with the vendor.

Authentication Bypass Canonical Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-27660 HIGH PATCH This Week

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-58421 HIGH PATCH This Week

Denial of service in Gitea, the self-hosted open-source Git service, allows a remote unauthenticated attacker to exhaust server CPU by triggering catastrophic backtracking in the regular-expression engine that evaluates CODEOWNERS pattern matching. All versions prior to the fixed 1.26.3/1.26.4 releases are affected, and the CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, A:H only) confirms network-reachable, low-complexity, no-authentication abuse with availability-only impact. There is no public exploit identified at time of analysis and EPSS is low (0.16%, 6th percentile), so exploitation risk is real but not yet widespread.

Authentication Bypass Denial Of Service Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-25712 HIGH PATCH This Week

Gitea versions before 1.25.5 have insufficient visibility checks in organization permission APIs for hidden members and private organizations.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-24690 HIGH PATCH This Week

Gitea versions before 1.25.5 have insufficient permission checks for updating or rebasing pull request branches.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-57993 HIGH PATCH This Week

Server-side request forgery in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker coax a victim's browser into issuing forged network requests, enabling spoofing and disclosure of sensitive data over the network. Exploitation requires user interaction (visiting or interacting with attacker-controlled content), and the CVSS scope-change flag indicates the browser can be pivoted to reach resources beyond its own security boundary. No public exploit identified at time of analysis (CVSS E:U), but a vendor fix is already available and the finding is vendor-confirmed (RC:C).

SSRF Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.4
EPSS
0.6%
CVE-2026-13341 HIGH PATCH This Week

Indirect prompt injection in the Kong Konnect Model Context Protocol (MCP) server (konghq mcp-konnect) before version 1.0.0 allows a remote attacker to smuggle malicious instructions into content that an LLM agent processes, causing the agent to issue unintended Kong Konnect API requests. Because the injected instructions execute with the trust and credentials of the connected agent, an attacker can exfiltrate sensitive Konnect data or drive management API calls the operator never intended. No public exploit identified at time of analysis, but the CVSS 7.4 rating (scope-changed, confidentiality-high) reflects meaningful impact once an agent ingests attacker-controlled data.

Code Injection Mcp Konnect
NVD GitHub
CVSS 3.1
7.4
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy