Skip to main content
CVE-2026-4967 HIGH This Week

Remote denial of service in the IMS (IP Multimedia Subsystem) implementation of Unisoc mobile chipsets allows an unauthenticated remote attacker to crash the affected component via an out-of-bounds read triggered by a missing bounds check. The flaw spans a broad range of Unisoc SoCs (SC7731E, SC9832E, SC9863A, T310/T610/T618, T7200-series, T8100/T8200/T8300, T9100) commonly used in budget Android smartphones. It carries CVSS 7.5 with availability-only impact and no confidentiality or integrity effect; there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Buffer Overflow Sc7731E Sc9832E Sc9863A T310 T610 T618 T7200 T7225 T7250 T7255 T7280 T7300 T8100 T9100 T8200 T8300
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-58294 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a use-after-free (CWE-416) memory-corruption flaw that an unauthorized, remote attacker can trigger to run arbitrary code. Exploitation requires the victim to interact with attacker-controlled web content, and the CVSS 3.1 vector marks high attack complexity (AC:H) despite requiring no privileges (PR:N). Microsoft has released a fix; there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-58292 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) lets an unauthenticated attacker run code on a victim's machine when the user is lured into interacting with attacker-controlled web content. The flaw stems from improper input validation (CWE-20) and, per its CVSS scope-change metric, is consistent with a renderer/sandbox boundary escape. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has released a fix.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-58299 HIGH PATCH This Week

Remote code execution in Microsoft Edge for Android (Chromium-based) arises from a time-of-check to time-of-use (TOCTOU) race condition that an unauthenticated network attacker can win to run arbitrary code, though success requires the victim to interact (UI:R) and the timing window makes exploitation high-complexity. Microsoft (self-reported) has shipped an official fix, and the temporal signals (E:U, RC:C) indicate no public exploit identified at time of analysis despite confirmed technical validity. The flaw is credited to Microsoft/Google collaboration and tagged as an authentication-bypass-class issue.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-57991 HIGH PATCH This Week

Information disclosure in Microsoft Edge (Chromium-based) lets a remote attacker read sensitive data by abusing improper symbolic/link resolution (CWE-59) when a victim interacts with attacker-controlled content. Exploitation requires user interaction (UI:R) but no authentication (PR:N), and the scope-changed impact (S:C) indicates data is exposed beyond the browser's own security boundary. Microsoft has released a fix; there is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Information Disclosure Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.4
EPSS
0.8%
CVE-2026-58290 HIGH PATCH This Week

Remote code execution in Microsoft Edge (Chromium-based) stems from a type confusion flaw (CWE-843) that an unauthorized attacker can trigger over the network to run arbitrary code, provided the victim interacts with attacker-controlled web content. Microsoft self-reported and has shipped a fix; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. The high attack complexity (AC:H) and required user interaction (UI:R) temper an otherwise network-reachable, unauthenticated attack surface.

Memory Corruption Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-25038 HIGH PATCH This Week

Gitea 1.26.2 allows unauthorized users to access labels of private organizations.

Gitea Information Disclosure Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-24451 HIGH PATCH This Week

Gitea 1.26.2 allows fork synchronization to continue after a parent repository changes from public to private, exposing data to a fork that should no longer be authorized.

Gitea Information Disclosure Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-26307 HIGH PATCH This Week

Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources.

Denial Of Service Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-58419 HIGH PATCH This Week

Information disclosure in Gitea Open Source Git Server (through 1.26.2) allows a user whose repository access has been revoked to continue viewing private issue metadata via the Notification API, because notification records are not purged or re-authorized when permissions change. The CVSS 3.1 base score is 7.5 (C:H) and the vendor (Gitea) fixed it in 1.26.3/1.26.4. No public exploit identified at time of analysis, and EPSS is low (0.17%, 7th percentile), indicating limited near-term exploitation likelihood.

Information Disclosure Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-27657 HIGH PATCH This Week

Gitea versions before 1.25.5 allow a user to change another user's primary email address.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-27779 HIGH PATCH This Week

Canonical URL spoofing in Gitea before 1.25.5 lets remote attackers inject malformed X-Forwarded-Proto values that the server trusts when computing its public-facing URL, causing it to emit attacker-controlled canonical links (e.g. in emails, redirects, and generated absolute URLs). No public exploit identified at time of analysis, and the low EPSS score (0.17%, 6th percentile) reflects minimal in-the-wild interest, but a vendor patch is available in v1.25.5. Note that the published CVSS vector claims availability impact (A:H) while the description describes URL spoofing (an integrity concern), a discrepancy worth verifying with the vendor.

Authentication Bypass Canonical Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-27660 HIGH PATCH This Week

Gitea versions before 1.25.5 allow draft release data or attachments to be accessed without the required write permission.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-58421 HIGH PATCH This Week

Denial of service in Gitea, the self-hosted open-source Git service, allows a remote unauthenticated attacker to exhaust server CPU by triggering catastrophic backtracking in the regular-expression engine that evaluates CODEOWNERS pattern matching. All versions prior to the fixed 1.26.3/1.26.4 releases are affected, and the CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N, A:H only) confirms network-reachable, low-complexity, no-authentication abuse with availability-only impact. There is no public exploit identified at time of analysis and EPSS is low (0.16%, 6th percentile), so exploitation risk is real but not yet widespread.

Authentication Bypass Denial Of Service Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-25712 HIGH PATCH This Week

Gitea versions before 1.25.5 have insufficient visibility checks in organization permission APIs for hidden members and private organizations.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-24690 HIGH PATCH This Week

Gitea versions before 1.25.5 have insufficient permission checks for updating or rebasing pull request branches.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-57993 HIGH PATCH This Week

Server-side request forgery in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker coax a victim's browser into issuing forged network requests, enabling spoofing and disclosure of sensitive data over the network. Exploitation requires user interaction (visiting or interacting with attacker-controlled content), and the CVSS scope-change flag indicates the browser can be pivoted to reach resources beyond its own security boundary. No public exploit identified at time of analysis (CVSS E:U), but a vendor fix is already available and the finding is vendor-confirmed (RC:C).

SSRF Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.4
EPSS
0.6%
CVE-2026-13341 HIGH PATCH This Week

Indirect prompt injection in the Kong Konnect Model Context Protocol (MCP) server (konghq mcp-konnect) before version 1.0.0 allows a remote attacker to smuggle malicious instructions into content that an LLM agent processes, causing the agent to issue unintended Kong Konnect API requests. Because the injected instructions execute with the trust and credentials of the connected agent, an attacker can exfiltrate sensitive Konnect data or drive management API calls the operator never intended. No public exploit identified at time of analysis, but the CVSS 7.4 rating (scope-changed, confidentiality-high) reflects meaningful impact once an agent ingests attacker-controlled data.

Code Injection Mcp Konnect
NVD GitHub
CVSS 3.1
7.4
EPSS
0.3%
CVE-2026-49814 HIGH PATCH This Week

Arbitrary OS command execution in Dell PowerProtect Data Domain (versions 7.7.1.0 through 8.7, plus the LTS2026, LTS2025 and LTS2024 branches) lets a high-privileged, remotely-authenticated attacker run operating-system commands on the backup appliance by injecting special characters into an OS command context. The flaw was reported by Dell and is addressed in advisory DSA-2026-278; no public exploit identified at time of analysis and it is not listed in CISA KEV. Because it grants full command execution on a data-protection appliance, successful exploitation can compromise the confidentiality, integrity and availability of backup data.

Command Injection Dell Powerprotect Data Domain
NVD VulDB
CVSS 3.1
7.2
EPSS
1.2%
CVE-2026-53478 HIGH This Week

Authenticated OS command injection in Dell PowerProtect Data Domain (versions 7.7.1.0 through 8.7, plus LTS2026 8.6.1.0-8.6.1.10, LTS2025 8.3.1.0-8.3.1.30, and LTS2024 7.13.1.0-7.13.1.70) lets a high-privileged remote attacker inject arbitrary operating-system commands and execute them on the appliance. Successful exploitation yields full confidentiality, integrity, and availability impact (CVSS 7.2), effectively giving an authenticated administrator command execution on the underlying OS of a backup/data-protection system. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Command Injection Dell Powerprotect Data Domain
NVD VulDB
CVSS 3.1
7.2
EPSS
1.2%
CVE-2026-49815 HIGH PATCH This Week

OS command injection in Dell PowerProtect Data Domain (versions 7.7.1.0 through 8.7, plus the LTS2026, LTS2025, and LTS2024 maintenance branches) lets an authenticated high-privileged remote attacker execute arbitrary operating-system commands on the appliance via improperly neutralized special characters (CWE-78). Because the attacker already holds elevated privileges, the flaw functions as a privilege-boundary and integrity break - turning administrative access into full underlying-OS command execution with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV; it was reported by Dell and fixed in advisory DSA-2026-278.

Command Injection Dell Powerprotect Data Domain
NVD VulDB
CVSS 3.1
7.2
EPSS
1.1%
CVE-2026-58379 HIGH This Week

Heap-based buffer overflow in GIMP's Paint Shop Pro (PSP) image format parser lets an attacker achieve arbitrary code execution or crash the application when a victim opens a maliciously crafted PSP file. The flaw stems from incorrect buffer-size arithmetic on low bit-depth images, and affects GIMP as shipped across Red Hat Enterprise Linux 6 through 9. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV; exploitation requires local file-open interaction (CVSS 7.3).

Heap Overflow Denial Of Service Buffer Overflow RCE Red Hat Enterprise Linux 6 +3
NVD VulDB
CVSS 3.1
7.3
EPSS
0.2%
CVE-2022-4990 HIGH This Week

** UNSUPPORTED WHEN ASSIGNED ** Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to bypass security validation and access restricted memory blocks. Rated high severity (CVSS 7.3). No vendor patch available.

Privilege Escalation Ai Suite 3
NVD
CVSS 4.0
7.3
EPSS
0.1%
CVE-2026-9148 HIGH This Week

Stored cross-site scripting in the Comments - wpDiscuz WordPress plugin (versions up to and including 7.6.56) allows unauthenticated guest commenters to persist malicious script by injecting into the 'Website' field, which is later rendered unescaped by getCommentAuthor(). The stored comment_author_url is interpolated directly into single-quoted HTML attributes without esc_url() or esc_attr(), so any visitor viewing an affected comment thread executes the attacker's payload in their browser session. No public exploit identified at time of analysis, but exploitation requires no authentication and the source-level root cause is documented in the WordPress plugin trac.

WordPress XSS Comments Wpdiscuz
NVD
CVSS 3.1
7.2
EPSS
0.3%
CVE-2026-13040 HIGH This Week

Stored cross-site scripting in the NEX-Forms - Ultimate Forms Plugin for WordPress (all versions through 9.2.2) lets unauthenticated attackers persist arbitrary JavaScript via the 'real_val__' form-submission parameter, which later executes in the browser of any user who views the affected page. The flaw is amplified by a design weakness: the submission handler is registered through wp_ajax_nopriv_submit_nex_form with no nonce/CSRF verification, so no authentication or valid session is required to reach the vulnerable sink. There is no public exploit identified at time of analysis and no CISA KEV listing, but the unauthenticated, network-reachable nature makes it a practical mass-exploitation candidate against exposed WordPress sites.

WordPress XSS CSRF Nex Forms Ultimate Forms Plugin For Wordpress
NVD VulDB
CVSS 3.1
7.2
EPSS
0.3%
CVE-2026-57988 HIGH PATCH This Week

Code execution via relative path traversal in Microsoft Edge (Chromium-based) allows a remote unauthenticated attacker to run arbitrary code when a user is lured into interacting with attacker-controlled content, consistent with the CVSS PR:N/UI:R vector. Rated CVSS 7.1 with high integrity impact (I:H), low availability impact (A:L), and no confidentiality impact (C:N). No public exploit identified at time of analysis (exploit maturity Unproven, E:U) and the CVE is not in CISA KEV, but an official vendor fix is available (RL:O).

Path Traversal Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.1
EPSS
0.5%
CVE-2026-20779 HIGH PATCH This Week

TOTP two-factor authentication replay in Gitea 1.5.0 through 1.26.2 lets a captured valid one-time code be accepted multiple times instead of being invalidated after first use, weakening 2FA on both the web login flow and the Basic Auth X-Gitea-OTP header path. An attacker who observes a legitimate TOTP code (via interception, shoulder-surfing, or logging) can replay it within its validity window to authenticate as the victim. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; the flaw is fixed in Gitea 1.26.3.

Gitea Information Disclosure Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.1
EPSS
0.5%
CVE-2026-57977 HIGH PATCH This Week

Spoofing in Microsoft Edge (Chromium-based) arises from a cross-site scripting (CWE-79) flaw that lets a network-based, unauthenticated attacker inject script into a generated web page, producing a convincing spoofed browser context after the victim interacts with malicious content. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R, C:L/I:H) reflects a high-integrity spoofing impact gated only by user interaction. There is no public exploit identified at time of analysis and it is not listed in CISA KEV; Microsoft has released a patch through the MSRC update guide.

XSS Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.1
EPSS
0.4%
CVE-2026-28740 HIGH PATCH This Week

Broken authorization in Gitea (self-hosted Git service) versions up to and including 1.26.2 lets a user who holds general repository access but has NOT been granted the Code unit permission read private source content by reusing Git LFS objects to authorize otherwise-restricted source objects. The flaw (CWE-639, tracked as GHSA-2m9v-5q2g-58vq) enables horizontal privilege escalation to confidential code within a repository. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but a vendor patch shipped in 1.26.3.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
7.1
EPSS
0.3%
CVE-2026-58297 HIGH PATCH This Week

Information disclosure in Microsoft Edge for Android (Chromium-based) allows a network-based attacker to expose a victim's private personal information, but only after luring the user into interacting with attacker-controlled content (UI:R). The flaw carries a CVSS 7.1 rating driven by high confidentiality impact; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. A vendor patch is available via Microsoft's MSRC update guide.

Information Disclosure Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.1
EPSS
0.3%
CVE-2026-58296 HIGH PATCH This Week

Information disclosure in Microsoft Edge for Android allows a remote unauthenticated attacker to exfiltrate private personal information over the network when a victim interacts with attacker-controlled content. The flaw carries a CVSS 7.1 with high confidentiality impact and stems from private data being exposed to an unauthorized actor (CWE-359); Microsoft has released a fix. No public exploit identified at time of analysis and it is not listed in CISA KEV.

Information Disclosure Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
7.1
EPSS
0.3%
CVE-2026-58283 MEDIUM PATCH This Month

Spoofing in Microsoft Edge (Chromium-based) stems from a type-confusion memory-safety defect (CWE-843) that a remote, unauthenticated attacker can leverage over the network to misrepresent content or origin to the victim. Microsoft rates it CVSS 8.1 with a changed scope, driven largely by high integrity impact, though the CVSS vector's high attack complexity (AC:H) signals non-trivial exploitation. There is no public exploit identified at time of analysis (CVSS E:U), and it is not listed in CISA KEV; Microsoft has already shipped an official fix (RL:O).

Memory Corruption Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
6.9
EPSS
0.4%
CVE-2026-59234 MEDIUM PATCH This Month

{id} path parameter in GET /calendar/event/delete/{id}. The delete handler calls Calendar::find($id)->delete() with no user_id or company_id scoping, meaning possession of a valid session is the only gate to destroying arbitrary records. No public exploit has been identified at time of analysis; a confirmed fix is available in the v5.5.3 release.

Authentication Bypass PHP
NVD GitHub
CVSS 4.0
6.9
EPSS
0.4%
CVE-2026-58286 MEDIUM PATCH This Month

Spoofing in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker misrepresent trusted UI or content to a victim by abusing improper access control (CWE-284), per Microsoft's own advisory (MSRC CVE-2026-58286). The high CVSS 8.1 is driven by a scope-changed impact (S:C) with high integrity effect, though the AC:H rating signals the attack is not trivially reliable. Currently there is no public exploit identified at time of analysis and no CISA KEV listing, so this is a proactively-patched issue rather than one under active exploitation.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
6.9
EPSS
0.4%
CVE-2026-58282 MEDIUM PATCH This Month

Spoofing in Microsoft Edge (Chromium-based) lets a remote, unauthenticated attacker bypass an origin/security-context access control (CWE-284) to misrepresent trusted content or UI over a network. The flaw carries CVSS 8.1 with a scope-changed vector and high integrity impact, meaning a successful spoof can influence resources beyond the initially vulnerable component. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but Microsoft has shipped an official fix.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
6.9
EPSS
0.4%
CVE-2026-49813 MEDIUM PATCH This Month

OS command injection in Dell PowerProtect Data Domain across four supported release tracks allows a high-privileged local attacker to execute arbitrary operating system commands. Affected versions span the main release line (7.7.1.0-8.7) as well as LTS2024, LTS2025, and LTS2026 branch releases. No public exploit code or active exploitation has been identified at time of analysis; the local access and high-privilege prerequisites substantially constrain the realistic attack surface despite the full C/I/A impact scores.

Command Injection Dell Powerprotect Data Domain
NVD VulDB
CVSS 3.1
6.7
EPSS
0.5%
CVE-2026-54483 MEDIUM PATCH This Month

OS command injection in Dell PowerProtect Data Domain enables a high-privileged local attacker to execute arbitrary operating system commands on the backup appliance, achieving full command execution within the Data Domain OS (DDOS). The flaw spans the general release track (7.7.1.0-8.6) and three LTS streams (LTS2024, LTS2025, LTS2026), indicating a shared vulnerable code path across a wide version surface. No public exploit code or CISA KEV listing exists at time of analysis, and the PR:H/AV:L prerequisites meaningfully constrain real-world risk to insider threats or post-compromise scenarios.

Command Injection Dell Data Domain Operating System
NVD VulDB
CVSS 3.1
6.7
EPSS
0.5%
CVE-2026-8804 MEDIUM This Month

Cleartext storage of sensitive parameters in Puppet's resource_api module (versions 1.5.0-1.9.1 and 2.0.0) causes passwords and other credential values to persist unmasked in the Puppet agent's local transaction state cache. The sensitive flag - intended to prevent exactly this exposure - is silently dropped during resource_api parameter processing, meaning any resource type built on this API and declaring sensitive parameters leaks those values to the cache filesystem. No public exploit exists and this is not listed in CISA KEV, but the confidentiality impact is high for environments where Puppet manages secrets such as database passwords or API tokens.

Information Disclosure Puppet Core Puppet Enterprise
NVD VulDB
CVSS 4.0
6.7
EPSS
0.1%
CVE-2026-26355 MEDIUM PATCH This Month

OS command injection in Dell PowerProtect Data Domain across four version release trains allows a high-privileged remote attacker to execute arbitrary operating system commands on the appliance. Affected products span mainline versions 7.7.1.0 through 8.7 and three LTS branches, confirmed by Dell Security Advisory DSA-2026-278. No public exploit identified at time of analysis and the CVE is absent from CISA KEV; however, the high integrity and availability impact (I:H/A:H) on a backup appliance makes patching urgent for environments where backup infrastructure is shared or admin credentials are broadly distributed.

Command Injection Dell Data Domain Operating System
NVD VulDB
CVSS 3.1
6.5
EPSS
1.1%
CVE-2026-56646 MEDIUM PATCH This Month

Microsoft Edge (Chromium-based) versions prior to 150.0.4078.48 expose sensitive information to unauthorized network actors, enabling spoofing attacks against users who interact with attacker-controlled content. The vulnerability maps to CWE-200, indicating that browser-internal sensitive data (likely origin, URL, or session context) is improperly disclosed across a network boundary, allowing an attacker to impersonate trusted content or identities. No public exploit code or CISA KEV listing exists at time of analysis; however, the CVSS score of 6.5 with a network attack vector and no privilege requirement underscores meaningful real-world risk for any unpatched Edge deployment.

Google Microsoft Information Disclosure Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
6.5
EPSS
0.7%
CVE-2026-57987 MEDIUM PATCH This Month

Server-side request forgery in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 allows unauthenticated network attackers to perform spoofing by inducing a victim user to visit a malicious page, causing the browser to issue forged requests to internal or external resources. The confidentiality impact is rated High (CVSS C:H), indicating that sensitive data accessible via the browser's network context may be exfiltrated through the SSRF channel. No public exploit code has been identified and the vulnerability is not listed in the CISA KEV catalog at time of analysis.

SSRF Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
6.5
EPSS
0.6%
CVE-2026-45489 MEDIUM PATCH This Month

Spoofing in Microsoft Edge (Chromium-based) prior to version 150.0.4078.48 allows a remote unauthenticated attacker to present deceptive browser UI to a victim user, resulting in high-confidentiality-impact information disclosure. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms exploitation is network-delivered and requires only a single user interaction, consistent with a classic UI-spoofing or URL-spoofing class of flaw. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; a vendor-released patch is available.

Microsoft Google Microsoft Edge Chromium Based Authentication Bypass
NVD VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2026-58523 MEDIUM PATCH This Month

Security feature bypass in Microsoft Edge for Android exposes high-confidentiality data to unauthenticated network attackers who can induce user interaction. The vulnerability stems from improper access control (CWE-284) in the Chromium-based mobile browser, allowing an attacker to circumvent a security boundary and access protected information without credentials. No active exploitation is confirmed (CISA KEV absent, temporal metric E:U), and a vendor patch is available via MSRC, making this a patch-priority item rather than an emergency response.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
6.5
EPSS
0.5%
CVE-2026-58418 MEDIUM PATCH This Month

Server-Side Request Forgery (SSRF) via HTTP redirect in Gitea's repository migration feature affects all versions through 1.25.4, allowing an authenticated attacker to coerce the Gitea server into issuing HTTP requests to arbitrary internal network destinations by supplying a crafted migration URL that redirects to an internal address. The CVSS score of 6.5 (C:H) reflects that successful exploitation can expose sensitive internal service responses - including cloud metadata endpoints, internal APIs, or other intranet services - to the attacker. No public exploit or CISA KEV listing has been identified at time of analysis; a vendor patch is available in v1.26.3 and v1.26.4.

SSRF Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-46463 MEDIUM PATCH This Month

Integer overflow in Dell PowerProtect Data Domain across multiple release trains (main, LTS2024, LTS2025, LTS2026) exposes backup and data protection infrastructure to remote denial of service by an unauthenticated attacker. The CVSS vector (AV:N/AC:H/PR:N) confirms network-accessible, unauthenticated exploitation, though high attack complexity constrains practical exploitation to adversaries who can satisfy specific preconditions. No public exploit has been identified at time of analysis, and the vulnerability has not been added to the CISA Known Exploited Vulnerabilities catalog.

Integer Overflow Dell Denial Of Service Powerprotect Data Domain
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-8351 MEDIUM This Month

Stored Cross-Site Scripting in RTMKit (rometheme-for-elementor) versions up to and including 2.0.7 allows authenticated contributors to persist arbitrary JavaScript in WordPress pages via the Advanced Heading widget's 'Background Text' field. The root cause is the direct concatenation of the user-controlled `background_text_heading` setting into an HTML attribute inside the widget's `render()` function without applying WordPress's `esc_attr()` sanitization, reported by Wordfence. No active exploitation is confirmed (not listed in CISA KEV) and no public exploit code has been identified at time of analysis, but the contributor-level access prerequisite makes this realistically exploitable on multi-author or open-registration WordPress sites.

WordPress XSS Rtmkit
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2026-8489 MEDIUM This Month

Stored Cross-Site Scripting in the Ultimate Member WordPress plugin (versions ≤ 2.11.4) permits any subscriber-level authenticated attacker to inject persistent malicious JavaScript via the 'about_me' profile field, which then executes in the browser of any user - including site administrators - who views the compromised profile page. The scope-changed CVSS vector (S:C, PR:L) reflects that the low barrier to obtaining a subscriber account combined with cross-origin script execution can escalate to full site compromise if an administrator's session is hijacked. No public exploit code or CISA KEV listing has been identified at time of analysis, though the attack is low-complexity once a subscriber account is obtained.

WordPress XSS Ultimate Member User Profile Registration Login Member Directory Content Restriction Membership Plugin
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2026-9626 MEDIUM This Month

Stored Cross-Site Scripting in the JSON API User WordPress plugin (versions ≤ 4.1.0) allows authenticated attackers with subscriber-level or higher access to inject persistent JavaScript via the `content` parameter of the `post_comment` API endpoint. The plugin's `post_comment()` function passes attacker-controlled `comment_content` directly to WordPress's native `wp_insert_comment()` without any HTML sanitization, and a compounding design flaw permits callers to supply `comment_approved=1` to self-approve comments and entirely bypass the WordPress moderation queue. No public exploit code or CISA KEV listing is confirmed at time of analysis; however, the CVSS scope-change flag (S:C) and low authentication barrier make this a meaningful risk on any site permitting open user registration.

WordPress XSS Json Api User
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
CVE-2026-9756 MEDIUM This Month

Stored XSS in the GenerateBlocks WordPress plugin (all versions through 2.2.1) allows contributor-level authenticated attackers to inject arbitrary JavaScript via the Headline Block's `linkMetaFieldType` dynamic link attribute, executing in the browser of any user - including site administrators - who clicks the injected headline link. The attack chains a `get_safe_user_meta_keys()` allowlist bypass with insufficient URI scheme validation to construct a fully attacker-controlled `javascript:` href. No CISA KEV listing exists at time of analysis, but Wordfence reporting and direct source code references lower the barrier to independent exploitation.

WordPress XSS Generateblocks
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2026-8892 MEDIUM This Month

Stored cross-site scripting in the CM Business Directory WordPress plugin (all versions ≤ 1.5.7) allows contributor-level authenticated users to persist arbitrary JavaScript in business listing address meta fields, executing against any visitor who loads the affected page. The vulnerability exploits a structural gap in WordPress's permission model: because the payload is written to post meta rather than post_content, the platform's native unfiltered_html capability check never fires, giving low-privilege contributors an injection vector that WordPress's architecture was designed to prevent. No public exploit code has been identified and the vulnerability is not listed in CISA KEV, though Wordfence has published full technical details including exact vulnerable code line references and an upstream fix commit.

WordPress XSS Cm Business Directory Optimise And Showcase Local Business
NVD VulDB
CVSS 3.1
6.4
EPSS
0.2%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy