Skip to main content
CVE-2026-46468 MEDIUM PATCH This Month

Dell PowerProtect Data Domain exposes sensitive file content to high-privileged local attackers through a symlink-following flaw (CWE-59), where the application fails to validate link targets before file access. Affected versions span multiple release trains including the current 8.x mainline and LTS branches. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Dell Information Disclosure Data Domain Operating System
NVD VulDB
CVSS 3.1
4.4
EPSS
0.1%
CVE-2026-44269 MEDIUM PATCH This Month

Link-following exploitation in Dell PowerProtect Data Domain enables a high-privileged local attacker to read files outside their intended access scope by manipulating symbolic or hard links before file access operations resolve. Affected across multiple release trains - mainline 7.7.1.0 through 8.6, LTS2026 8.6.1.10 and below, LTS2025 8.3.1.30 and below, and LTS2024 7.13.1.70 and below. No public exploit code or active exploitation confirmed at time of analysis; risk is bounded by the requirement for pre-existing high-privilege local access.

Authentication Bypass Dell Powerprotect Data Domain
NVD VulDB
CVSS 3.1
4.4
EPSS
0.1%
CVE-2026-41124 MEDIUM PATCH This Month

Path traversal in Dell PowerProtect Data Domain allows a locally authenticated high-privileged attacker to read files outside restricted directories, resulting in information disclosure. Affected deployments span multiple release trains - standard releases 7.7.1.0 through 8.6, LTS2026 8.6.1.0-8.6.1.10, LTS2025 8.3.1.0-8.3.1.30, and LTS2024 7.13.1.0-7.13.1.70. No public exploit identified at time of analysis; the low CVSS score of 2.3 correctly reflects the high privilege and local access prerequisites that substantially constrain real-world exploitation scope.

Dell Path Traversal Information Disclosure Powerprotect Data Domain
NVD VulDB
CVSS 3.1
4.4
EPSS
0.1%
CVE-2026-44268 MEDIUM PATCH This Month

Incorrect permission assignment on a critical resource in Dell PowerProtect Data Domain exposes sensitive data to high-privileged local attackers across a broad range of supported release trains. The flaw (CWE-732) means a resource - likely a file, directory, or configuration object - carries overly permissive access controls, allowing a local attacker operating with elevated privileges to read data they are not authorized to access. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog, but the breadth of affected versions (seven release trains spanning 2024-2026 LTS and mainline builds) increases aggregate exposure across enterprise backup environments.

Authentication Bypass Dell Powerprotect Data Domain
NVD VulDB
CVSS 3.1
4.4
EPSS
0.1%
CVE-2026-58597 MEDIUM PATCH This Month

Insufficient UI warning of dangerous operations in Microsoft Edge (Chromium-based) before version 150.0.4078.48 enables network-based spoofing attacks against users who interact with adversary-controlled content. Per the CVSS vector (PR:N, UI:R), an unauthenticated remote attacker can exploit this flaw without any privileges, but requires the victim to interact with the browser during the attack. No public exploit identified at time of analysis; the Medium CVSS score of 4.3 and confidentiality-only impact (C:L) reflect a bounded but real risk primarily useful for phishing, credential harvesting, or identity spoofing scenarios.

Authentication Bypass Microsoft Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
4.3
EPSS
0.4%
CVE-2026-27761 MEDIUM PATCH This Month

Gitea's repository RSS and Atom feed endpoints fail to enforce API token scope checks, exposing private repository commit metadata to any holder of a valid but under-privileged API token. Versions up to and including 1.26.2 are affected; the flaw is classified as CWE-863 (Incorrect Authorization) with a CVSS score of 4.3. No public exploit code or CISA KEV listing exists at time of analysis; vendor-released patches are available in v1.26.3 and v1.26.4.

Authentication Bypass Gitea Gitea Open Source Git Server
NVD GitHub
CVSS 3.1
4.3
EPSS
0.4%
CVE-2026-9230 MEDIUM This Month

{id}/emails endpoint then honors that nonce without an ownership check. Attackers exploiting this can overwrite victim quiz result pages and redirect quiz notification emails to attacker-controlled addresses - a vector for targeted phishing against quiz respondents. No public exploit or CISA KEV listing has been identified at time of analysis, but the Wordfence disclosure includes direct source-code references that substantially lower the barrier to exploitation.

Authentication Bypass WordPress Quiz And Survey Master Qsm Easy Quiz And Survey Maker
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2026-11900 MEDIUM This Month

Insecure Direct Object Reference in the Ad Inserter WordPress plugin (versions up to and including 2.8.16) allows authenticated Contributor-level users to read the full content of arbitrary posts they do not own or have permission to view, including Private, Draft, Pending, Trashed, and password-protected posts. The flaw exists in the shortcode processing function replace_ai_tags(), which fetches post content by a user-supplied numeric ID without any authorization check, post-type restriction, or status filtering. No public exploit has been identified at time of analysis and the vulnerability is not listed in the CISA KEV catalog.

Authentication Bypass WordPress Ad Inserter Ad Manager Adsense Ads
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2026-5137 MEDIUM This Month

Local File Inclusion in the RTMKit (rometheme-for-elementor) plugin for WordPress versions up to and including 2.0.7 allows authenticated attackers with Contributor-level access to include and execute arbitrary PHP code on the server. The render_templates AJAX endpoint passes the unsanitized 'template' parameter directly into a PHP require/include statement, restricted only to files ending in _templates.php. Wordfence reported this vulnerability; no public exploit code or CISA KEV listing is present at time of analysis.

WordPress LFI Information Disclosure PHP Rtmkit
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2026-12729 MEDIUM This Month

Missing authorization on the BetterDocs-to-weDocs migration AJAX endpoint in the weDocs WordPress plugin (versions up to and including 2.3.0) allows any authenticated subscriber-level user to trigger a full data migration, manipulate documentation content, alter site options, and forcibly deactivate installed BetterDocs and BetterDocs Pro plugins. The vulnerable `do_migration()` function registered under the `wedocs_migrate_betterdocs_to_wedocs` AJAX action performs neither a nonce check via `check_ajax_referer()` nor a privilege check via `current_user_can()`, exposing sensitive administrative operations to the lowest authenticated user tier. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog.

Authentication Bypass WordPress Wedocs
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14613 MEDIUM This Month

Keycloak's Fine-Grained Admin Permissions v2 (FGAP v2) fails to enforce group-level authorization when a restricted administrator queries role-to-group assignments, exposing group names and custom attributes beyond the admin's intended scope. Restricted admins holding only role-view permission can enumerate all groups assigned to that role, bypassing the group-level access controls that FGAP v2 is designed to enforce. No public exploit code exists and this vulnerability has not been added to the CISA KEV catalog; however, the EPSS risk is compounded in deployments where group attributes carry sensitive operational metadata.

Red Hat Build Of Keycloak Red Hat Data Grid 8 Red Hat Jboss Enterprise Application Platform Expansion Pack Red Hat Single Sign On 7 Authentication Bypass +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14615 MEDIUM This Month

Unauthorized child group disclosure in Red Hat Build of Keycloak's Fine-Grained Admin Permissions v2 (FGAP v2) exposes group names, paths, and custom attributes to delegated administrators who lack direct authorization over those child groups. When FGAP v2 is enabled and a delegated admin queries child groups through a parent group endpoint, the system omits the required per-permission filter, returning records that should be outside the caller's scope. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog, placing it in the category of a low-severity information disclosure risk that is nonetheless significant in multi-tenant IAM environments where group attribute confidentiality matters.

Information Disclosure Red Hat Build Of Keycloak Red Hat
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-41123 MEDIUM PATCH This Month

Improper access control in the RBAC implementation of Dell PowerProtect Data Domain allows a low-privileged authenticated remote attacker to tamper with information beyond their authorized role scope. Affected releases span the main 7.7.1.0-8.6 line and three LTS tracks covering LTS2024, LTS2025, and LTS2026. No public exploit code has been identified and exploitation has not been confirmed by CISA KEV, placing this as a medium-priority issue requiring patch scheduling rather than emergency response.

Authentication Bypass Dell Data Domain Operating System
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-55945 MEDIUM PATCH This Month

Race condition in Microsoft Edge (Chromium-based) permits a locally authenticated, low-privileged attacker to disclose information beyond the intended security boundary, with the CVSS scope change (S:C) indicating impact can extend outside the directly vulnerable component - potentially across process or sandbox boundaries within the browser. No public exploit code has been identified and this CVE is not listed in the CISA KEV catalog, placing it in a lower operational priority tier despite the scope change. Microsoft has released a patch via the MSRC advisory.

Information Disclosure Microsoft Race Condition Google Microsoft Edge Chromium Based
NVD VulDB
CVSS 3.1
4.2
EPSS
0.1%
CVE-2026-14612 MEDIUM This Month

Two off-by-one errors in FreeIPA's ipa-otpd daemon expose RHEL 6 through 10 deployments configured with an external OAuth2/OIDC Identity Provider to out-of-bounds memory access during the device authorization flow. An attacker who controls or can man-in-the-middle the configured IdP endpoint can serve an oversized authorization response, triggering CWE-787 writes or reads one byte past a fixed-size buffer boundary. The most probable outcome is denial of service of the ipa-otpd daemon; no public exploit has been identified and the vulnerability is not listed in the CISA KEV catalog.

Memory Corruption Denial Of Service Buffer Overflow Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 +4
NVD VulDB
CVSS 3.1
4.2
EPSS
0.1%
CVE-2026-46730 MEDIUM PATCH This Month

Incorrect authorization in Dell PowerProtect Data Domain permits a high-privileged local attacker to execute commands outside their authorized scope across a broad span of affected versions covering the main release line and all three active LTS branches. The root cause (CWE-863) indicates the appliance's Data Domain OS fails to enforce authorization boundaries correctly for certain operations accessible to already-elevated users, enabling privilege escalation within an authenticated administrative session. No public exploit code or active exploitation is confirmed at time of analysis; the CVSS 4.2 Medium score accurately reflects the significant access prerequisites - local presence plus high-level credentials - required to trigger the flaw.

Authentication Bypass Dell Data Domain Operating System
NVD VulDB
CVSS 3.1
4.2
EPSS
0.1%
CVE-2026-47898 MEDIUM PATCH This Month

XML External Entity injection in Apache Lucene.Net's PatternParser component (Lucene.Net.Analysis.Common library) allows attackers who can supply XML input to the parser to read arbitrary files from the host filesystem or trigger server-side request forgery. Affected deployments span versions 4.8.0-beta00005 through 4.8.0-beta00017. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in CISA KEV, but the well-understood XXE attack class combined with the availability of a fix version makes patching straightforward and strongly advisable.

XXE Apache Lucene Net
NVD
CVSS 4.0
4.0
EPSS
0.1%
CVE-2026-49838 MEDIUM POC PATCH GHSA This Month

CVE-2026-49838 is a vulnerability reported by Ubuntu with no description, CVSS score, CWE classification, or technical detail available at time of analysis. The CVE identifier falls in the 2026 range, suggesting this may be a recently reserved or embargoed entry. No impact, affected component, or exploitation vector can be determined from the provided data.

Information Disclosure
NVD GitHub
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy