Skip to main content
CVE-2026-13127 HIGH This Week

Denial-of-service (and potential memory-corruption) in Foxit PDF Editor (≤14.0.4 / ≤13.2.4 / ≤2026.1.1) and Foxit PDF Reader (≤2026.1.1) arises when a crafted PDF's embedded JavaScript rewrites the document to alter the page structure, freeing the underlying page objects while the thumbnail renderer continues to reference them - a classic use-after-free (CWE-416). A victim who merely opens the file triggers the dangling reference, causing an application crash and, given the CVSS confidentiality/integrity impact, a plausible path to code execution. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-13128 HIGH This Week

Denial-of-service in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1 and earlier) occurs when a victim opens a crafted PDF whose embedded JavaScript deletes the current page, after which subsequent scripts dereference now-freed document-view properties and crash the application. This is a CWE-416 use-after-free reported by Foxit; no public exploit identified at time of analysis, and it is not listed in CISA KEV. The documented impact is an application crash, though the underlying memory-corruption class warrants caution about potential escalation.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-13129 HIGH This Week

Memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1, 13.2.4, 14.0.4 and earlier) allows attackers to crash the application and potentially corrupt memory when a victim opens a malicious PDF whose embedded JavaScript walks a deliberately damaged form-field tree. The bug is a use-after-free (CWE-416): field traversal leaves the program holding a freed/invalid form object, and dereferencing that invalid pointer causes the crash. No public exploit identified at time of analysis; disclosure originates from Foxit's own security bulletin.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57238 HIGH This Week

Memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF to trigger a use-after-free through the embedded JavaScript engine, where a form field object is deleted and then re-accessed, crashing the application. The flaw affects PDF Editor through 13.2.4, 14.0.4, and 2026.1.1, and PDF Reader through 2026.1.1, and was reported by Foxit. No public exploit has been identified at time of analysis, though CVSS scores the impact as high across confidentiality, integrity, and availability, implying potential exploitation beyond a simple crash.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57242 HIGH This Week

Use-after-free memory corruption in Foxit PDF Reader (2026.1.1 and earlier) and Foxit PDF Editor (through 14.0.4, 13.2.4, and 2026.1.1) allows a remote attacker to execute arbitrary code or crash the application when a victim opens a maliciously crafted PDF. The flaw stems from JavaScript-driven form modifications that leave page-related objects with incomplete lifecycle management, so the application dereferences freed/invalid objects on page-state changes. No public exploit identified at time of analysis, and it is not listed in CISA KEV; while the description emphasizes a crash, the CVSS vector rates full confidentiality, integrity, and availability impact, consistent with exploitable memory corruption.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57245 HIGH This Week

Memory corruption in Foxit PDF Reader (≤2026.1.1) and Foxit PDF Editor (≤14.0.4, ≤13.2.4, and ≤2026.1.1) allows an attacker to trigger a use-after-free when a victim opens a maliciously crafted PDF whose hyperlink annotation objects use abnormal relationships and field combinations. The flaw manifests as an invalid pointer write during object destruction; while the vendor description only confirms an application crash, the vendor-assigned CVSS (C:H/I:H/A:H) and CWE-416 classification indicate potential for arbitrary code execution. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57246 HIGH This Week

Memory-corruption (buffer overflow) in Foxit PDF Reader and Foxit PDF Editor arises when the digital-signature plugin processes abnormally constructed signature objects: JavaScript triggers signature verification, but the plugin copies an anomalous string without validating its arguments, corrupting memory. A local victim who opens a crafted PDF is affected, and while the vendor describes the outcome as an application crash, the CVSS High confidentiality/integrity/availability impacts indicate potential for code execution. No public exploit identified at time of analysis.

Buffer Overflow Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57248 HIGH This Week

Memory-corruption crash (and potential code execution) in Foxit PDF Reader and Foxit PDF Editor occurs when a PDF's embedded JavaScript writes annotation attributes without sufficient object-type and argument validation, corrupting the internal annotation structure so the application faults during subsequent object release (CWE-763). Local exploitation requires a user to open a crafted PDF; there is no public exploit identified at time of analysis and the flaw is not in CISA KEV. The vendor rates full confidentiality, integrity, and availability impact (CVSS 7.8), though Foxit tags it as Denial of Service.

Denial Of Service Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57249 HIGH This Week

Use-after-free memory corruption in Foxit PDF Editor and Foxit PDF Reader allows a crafted PDF to crash the application when its embedded JavaScript resets annotation status and then triggers a reset-form additional action, causing the parser to re-enter and dereference freed objects. Local victims who open a malicious document are affected; the CVSS 3.1 base score is 7.8. No public exploit was identified at time of analysis, and the issue is not listed in CISA KEV.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57251 HIGH This Week

Denial of service in Foxit PDF Editor and Foxit PDF Reader arises when the application renders a PDF containing cloud-style annotation/border appearances, because the code that builds that geometry omits an upper-bound limit and consistency checks. A local attacker who convinces a user to open a malicious PDF can trigger an out-of-bounds array access that crashes the application; no public exploit has been identified at time of analysis and the flaw is not listed in CISA KEV. Although the NVD vector claims high confidentiality and integrity impact, the vendor description and tags describe only a crash.

Denial Of Service Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57252 HIGH This Week

Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF to crash the application when its embedded JavaScript deletes pages and removes attachment annotations while the attachment panel still references freed pointers. A victim must open the malicious document (UI:R), and no public exploit has been identified at time of analysis. Although the reported behavior is an application crash, Foxit's own CVSS scoring rates confidentiality, integrity, and availability all High, implying potential for code execution beyond denial of service.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57254 HIGH This Week

Type-confusion memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF containing an abnormal annotation object - one referenced by other objects - to bypass proper type checking during parsing, corrupting memory and crashing the application. Exploitation requires a user to open the malicious file locally (UI:R); there is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV, so the current confirmed impact is denial of service, though the CWE-843 class leaves open potential for code execution.

Memory Corruption Denial Of Service Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57237 HIGH This Week

Use-after-free memory corruption in Foxit PDF Editor (≤14.0.4, ≤13.2.4, ≤2026.1.1) and Foxit PDF Reader (≤2026.1.1) allows an attacker to corrupt object state and read an illegal memory address when a victim opens a crafted PDF that manipulates form-field properties via embedded JavaScript. The immediate observed impact is an application crash (denial of service), but the CWE-416 root cause and the vendor's CVSS confidentiality/integrity ratings indicate potential for arbitrary code execution in the context of the user. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57244 HIGH This Week

Use-after-free memory corruption in Foxit PDF Editor (≤14.0.4) and Foxit PDF Reader (≤2026.1.1) allows a crafted PDF containing malicious form-reset JavaScript to trigger a stale control-pointer dereference, crashing the application and potentially enabling arbitrary code execution in the victim's context. Exploitation requires the user to open a booby-trapped document; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Foxit, the reporting vendor, has issued a security bulletin covering the affected versions.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57247 HIGH This Week

Use-after-free during PDF field processing in Foxit PDF Editor and Foxit PDF Reader allows a crafted document to delete the current page and then reuse now-dangling field objects, causing an illegal memory read and application crash. Affects Foxit PDF Editor through 14.0.4 / 2026.1.1 and Foxit PDF Reader through 2026.1.1; exploitation requires a user to open a malicious PDF. No public exploit identified at time of analysis and the flaw is not in CISA KEV; vendor (Foxit) reported it and tags it primarily as denial of service / memory corruption.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57250 HIGH This Week

Use-after-free memory corruption in Foxit PDF Editor and Foxit PDF Reader is triggered when JavaScript embedded in a malicious PDF resets form fields and re-enters the interface, causing the application to invoke a method on a freed native object. An attacker who convinces a user to open a crafted PDF can crash the application, and because the flaw is a use-after-free (CWE-416), it carries potential for memory-corruption abuse beyond denial of service. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57256 HIGH This Week

Memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF containing embedded JavaScript to trigger a use-after-free (CWE-416) when the script manipulates a list box field and the form is subsequently reset. A victim who merely opens the malicious document can have the application dereference a dangling pointer to freed form-field memory; Foxit itself reported the flaw and CVSS rates it 7.8. No public exploit or CISA KEV listing exists, so this is no public exploit identified at time of analysis, though use-after-free in a scriptable PDF engine is a classic path toward code execution.

Memory Corruption Denial Of Service Use After Free Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57260 HIGH This Week

Out-of-bounds memory access in Foxit PDF Editor and Foxit PDF Reader occurs when the application parses a malformed Unity 3D object embedded in a PDF, resolving attacker-influenced data as a pointer and dereferencing it as a valid address. A victim who opens a crafted PDF triggers the flaw (CVSS 7.8, UI:R), which manifests as a crash but, given the CWE-787 out-of-bounds write classification and High confidentiality/integrity/availability impact, carries potential for memory corruption and code execution in the context of the current user. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Memory Corruption Buffer Overflow Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-57239 HIGH This Week

Local privilege escalation in Foxit PDF Editor and Foxit PDF Reader (Windows) lets a low-privileged user place executable files that a high-privilege process later runs directly, yielding code execution as NT AUTHORITY\SYSTEM. The flaw stems from an untrusted search path (CWE-427) where the application loads and executes attacker-writable binaries without validating their origin. There is no public exploit identified at time of analysis, EPSS is low (0.11%, 2nd percentile), and SSVC reports no observed exploitation, so this is a locally-exploitable escalation rather than a remotely wormable threat.

Information Disclosure Foxit Pdf Editor Foxit Pdf Reader
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-60105 HIGH PATCH This Week

Server-side request forgery in Monsta FTP before 2.14.5 lets an unauthenticated remote attacker coerce the server into making HTTP requests to internal-only services and exfiltrate the responses. The flaw lives in the fetchRemoteFile action, where the isBlockedIP() SSRF filter fails to recognize IPv4-mapped IPv6 addresses, so blocklisted internal ranges can be reached anyway; a CSRF token is trivially obtainable from the public getSystemVars endpoint. Impact is notable because the primary abuse case is stealing cloud instance metadata credentials, though no public exploit is identified at time of analysis.

CSRF SSRF
NVD VulDB
CVSS 4.0
7.7
EPSS
0.3%
CVE-2026-14373 HIGH PATCH This Week

Host namespace escape in HashiCorp Nomad and Nomad Enterprise lets an authenticated job submitter bypass the allow_privileged control for the Docker task driver, launching containers in host PID/network/IPC namespaces to read data from the host or co-located workloads on the same client node. The flaw stems from missing authorization enforcement (CWE-862) and carries a CVSS 7.7 with a changed scope, reflecting cross-tenant impact. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Hashicorp Docker Nomad Nomad Enterprise
NVD VulDB
CVSS 3.1
7.7
EPSS
0.2%
CVE-2026-55874 HIGH PATCH This Week

Cross-bucket object disclosure in SeaweedFS S3 API gateway (versions prior to 4.34) allows an authenticated identity scoped to a single bucket to read objects from other buckets by injecting dot-dot (../) path segments into the X-Amz-Copy-Source header of CopyObject and UploadPartCopy requests. Because the gateway performs a server-side copy without normalizing or rejecting traversal segments, the bucket-level access boundary is bypassed. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the fix in 4.34 is confirmed via the vendor security advisory and source commit.

Path Traversal
NVD GitHub
CVSS 3.1
7.7
EPSS
0.3%
CVE-2026-14244 HIGH This Week

Arbitrary file disclosure in the Jssor Slider by jssor.com WordPress plugin (all versions through 3.1.24) lets unauthenticated remote attackers traverse the filesystem via the 'url' parameter and read the contents of any file the web server can access, such as wp-config.php. Wordfence disclosed the flaw and points to the plugin's admin controller code; no public exploit is identified at time of analysis and it is not listed in CISA KEV. EPSS was not provided, but the network-reachable, unauthenticated nature of the bug makes it an attractive scanning target.

WordPress Path Traversal Jssor Slider By Jssor Com
NVD VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2026-59892 HIGH PATCH This Week

Denial of service in OpenTelemetry JavaScript (@opentelemetry/propagator-jaeger) before 2.9.0 allows an unauthenticated remote attacker to crash a Node.js service by sending a malformed percent-encoded uber-trace-id or uberctx-* HTTP header. The JaegerPropagator passes header values to decodeURIComponent() without catching the resulting URIError, so the uncaught exception terminates the process. No public exploit identified at time of analysis, and this is not listed in CISA KEV; the fix is version 2.9.0.

Node.js Information Disclosure Opentelemetry Js
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-56669 HIGH PATCH This Week

Denial of service in the Elysia TypeScript web framework (versions prior to 1.4.29) lets remote unauthenticated attackers exhaust server CPU by submitting multipart/form-data requests containing many unique key-value pairs. Elysia's form-data normalization uses getAll in a way that scales quadratically with the number of fields, so a single crafted request can consume disproportionate processing time and stall the event loop. A public technical write-up demonstrating the quadratic behavior exists, but there is no evidence of active exploitation; EPSS was not provided.

Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-59725 HIGH PATCH This Week

Denial of service in Socket.IO (Engine.IO server) from 4.1.0 before 6.6.7 lets a remote unauthenticated attacker exhaust server-side connections and sockets by sending invalid binary POST requests. When the Engine.IO v4 polling transport receives a malformed binary payload with Content-Type: application/octet-stream, it fails to close the HTTP response, leaking the underlying socket until connection and file-descriptor limits are reached. No public exploit identified at time of analysis; the flaw is fixed in engine.io 6.6.7.

Information Disclosure Socket Io
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-59869 HIGH PATCH This Week

Denial of service in js-yaml (a widely-used JavaScript YAML parser) 3.0.0-3.14.x and 4.0.0-4.2.x allows remote attackers to consume quadratic CPU time by submitting a linearly-sized YAML document built from a chain of mappings that use merge keys, where each mapping merges the previous one. Exploitation requires no authentication or user interaction (CVSS 7.5, availability-only impact), and any application that parses attacker-controlled YAML with a vulnerable version is affected. No public exploit identified at time of analysis; fixes are available in 3.15.0 and 4.3.0.

Information Disclosure Js Yaml
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2026-59928 HIGH PATCH This Week

Denial of service in Mistune (the lepture Python Markdown parser) before 3.3.0 lets remote unauthenticated attackers exhaust CPU by submitting a Markdown document packed with many repeated or distinct reference-link definitions, which triggers quadratic-time processing in the block parser and its ref_links dictionary handling. Any service that renders attacker-supplied Markdown through Mistune (wikis, comment systems, docs pipelines, notebook converters) can be stalled with a single crafted input. No public exploit is identified at time of analysis and it is not in CISA KEV, but the low-complexity, no-auth vector makes weaponization trivial.

Python Denial Of Service Mistune
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-59922 HIGH PATCH This Week

Denial of service in Mistune, a Python Markdown parser, affects all versions prior to 3.3.0 when the strikethrough, mark, or insert plugins are enabled. Remote attackers can submit crafted Markdown containing runs of closed tilde (~), equals (=), or caret (^) marker pairs that trigger quadratic-time scanning in the formatting plugin, exhausting CPU and rendering the parsing service unresponsive. No public exploit identified at time of analysis, and the flaw is not in CISA KEV; impact is limited to availability with no data exposure.

Python Denial Of Service Mistune
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-59887 HIGH PATCH This Week

Denial of service in linkify-it before 5.0.2 allows remote attackers to exhaust CPU by submitting crafted text containing many mailto: occurrences, each triggering the src_email_name email-name validator in lib/re.mjs to rescan the remaining input, yielding O(n^2) complexity. Any application that runs untrusted user text through linkify-it's .test() or .match() is affected; there is no public exploit identified at time of analysis and the flaw is not in CISA KEV, but the low complexity of the trigger makes availability disruption straightforward.

Information Disclosure Linkify It
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-59925 HIGH PATCH This Week

Denial of service in Mistune, a widely used pure-Python Markdown parser, affects all versions prior to 3.3.0 where the default inline parser exhibits quadratic (O(n²)) behavior on long runs of well-formed double- or triple-asterisk emphasis pairs. Because the parser rescans forward for matching close markers from every candidate opening run, a small crafted Markdown payload forces disproportionate CPU consumption, exhausting resources on any service that renders untrusted Markdown. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the low attack complexity and unauthenticated network vector make availability impact realistic against default configurations.

Python Denial Of Service Mistune
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-59724 HIGH PATCH This Week

Denial of service in Engine.IO 6.5.0 through 6.6.6 (the transport layer beneath Socket.IO) lets remote unauthenticated attackers crash the server by supplying a crafted session ID like '__proto__' during a WebTransport upgrade. Because the session ID is looked up against the internal clients object without guarding inherited properties, the resolved value is a prototype function rather than a client, triggering a TypeError that terminates request handling. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, but the trigger is trivial to reproduce on any server that has WebTransport enabled.

Denial Of Service Socket Io
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-53482 HIGH PATCH This Week

Denial of service in Dell PowerProtect Data Domain (DDOS versions 7.7.1.0 through 8.7, plus LTS2026 8.6.1.0-8.6.1.10, LTS2025 8.3.1.0-8.3.1.30, and LTS2024 7.13.1.0-7.13.1.70) allows a remote, unauthenticated attacker to crash or hang the appliance by triggering an integer overflow (CWE-190). Per the CVSS vector (PR:N/UI:N), no authentication or user interaction is required, and the impact is confined to availability (C:N/I:N/A:H) - no data disclosure or code execution. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV; EPSS was not provided.

Integer Overflow Dell Denial Of Service Data Domain Operating System
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-59877 HIGH PATCH This Week

Denial-of-service via infinite loop in protobuf.js (the pure-JavaScript Protocol Buffers implementation for Node.js/browsers) affects versions 8.0.0 through <8.6.6 and 7.5.0 through <7.6.5. When the parser reads an option declaration in a .proto schema it advances through tokens looking for '=' without checking for end-of-input, so a truncated schema (e.g. 'option foo') hangs parse(), Root.load, or Root.loadSync forever, pinning a CPU core and stalling the event loop. No public exploit is identified at time of analysis and it is not in CISA KEV; EPSS is low (0.33%, 25th percentile), matching the SSVC rating of exploitation 'none' but automatable.

Denial Of Service Protobuf Js
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-15053 HIGH PATCH This Week

Denial of service in Tanium Server allows remote unauthenticated attackers to exhaust availability of the platform, per vendor advisory TAN-2026-016. The flaw is network-reachable with low complexity and no privileges or user interaction (CVSS 7.5, availability-only impact), and the CWE-789 classification indicates an uncontrolled/excessive memory allocation can be triggered remotely. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Denial Of Service Server
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-59871 HIGH PATCH This Week

Denial of service in node-tar prior to 7.5.18 allows unauthenticated network-reachable attackers to crash Node.js processes by submitting crafted tar archives containing all-digit PAX header path or linkpath values. The library incorrectly coerces these string values to JavaScript numbers in src/pax.ts, causing downstream path handling (normalizeWindowsPath(entry.path).split('/')) to throw an uncaught TypeError when it attempts to call a string method on a numeric value. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Node.js Information Disclosure Node Tar
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-59868 HIGH PATCH This Week

Denial of service in the js-yaml Node.js YAML parser (versions 5.0.0 up to but not including 5.2.0) lets a remote attacker consume quadratic CPU time by submitting a small, linearly-sized YAML document that chains merge keys (<<) so each mapping merges the previous one. Because confidentiality and integrity impact are nil and only availability is affected (CVSS 7.5, AV:N/A:H), a single crafted document can stall or hang the parsing thread. SSVC rates this poc / automatable=yes / partial impact; there is no public weaponized exploit and it is not on CISA KEV, with a low EPSS of 0.29%.

Information Disclosure Js Yaml
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-59870 HIGH PATCH This Week

Denial of service in the js-yaml JavaScript YAML parser (versions 5.0.0 up to but not including 5.2.1) allows remote attackers to exhaust CPU by submitting a crafted YAML document containing an ordered-map (!!omap) node with many entries. Because the !!omap handler performs a linear duplicate-key scan on every insertion, parsing scales as O(n^2), so a modestly sized payload can consume disproportionate CPU when yaml.load() is called. Exploitation is gated behind the non-default YAML11_SCHEMA; SSVC lists proof-of-concept exploit status, there is no CISA KEV entry, and EPSS is low at 0.29%.

Information Disclosure Js Yaml
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-10699 HIGH PATCH This Week

Denial of service in Progress MOVEit Transfer (Custom Reports modules) allows remote attackers to exhaust server memory through a missing-release-of-memory (memory leak) flaw, degrading availability of the managed file transfer service. It affects MOVEit Transfer 2025.0.x before 2025.0.8, 2025.1.x before 2025.1.4, and 2026.0.0 before 2026.0.1, and is addressed in the Progress Critical Security Bulletin of June 2026. There is no public exploit identified at time of analysis, and it is not listed in CISA KEV.

Information Disclosure Moveit Transfer
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-9700 HIGH This Week

SQL injection in the Eventer WordPress event manager plugin (all versions through 4.4.2) lets unauthenticated attackers inject arbitrary SQL through the 'code' parameter, extracting database contents such as user credentials and session data. The flaw stems from unescaped user input concatenated into an existing query, exploitable remotely without authentication (PR:N). No public exploit identified at time of analysis, and it is not listed in CISA KEV; the CVSS 7.5 reflects confidentiality-only impact via time-based blind extraction.

WordPress SQLi Eventer
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-9842 HIGH This Week

Privilege escalation in the Pixelgrade Backstage - Customizer Demo Access plugin for WordPress (all versions through 1.4.2) lets unauthenticated attackers modify arbitrary site options. The plugin grants the overly broad `manage_options` capability to its `backstage_customizer_user` demo role, so an attacker reaching the demo flow can change settings such as `default_role` and escalate to a privileged account. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Privilege Escalation WordPress Backstage Customizer Demo Access
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-8651 HIGH PATCH This Week

Authentication bypass by spoofing in Progress MOVEit Transfer's HTTPS module allows remote unauthenticated attackers to impersonate or partially bypass identity verification, compromising integrity (CVSS 7.5, I:H) without exposing or destroying data (C:N/A:N). The flaw affects MOVEit Transfer builds before 2025.0.7 and the 2025.1.x line before 2025.1.3; a vendor patch is available. There is no public exploit identified at time of analysis and CISA SSVC records exploitation status as none, but MOVEit Transfer's history as a mass-exploitation target warrants prompt patching.

Authentication Bypass Moveit Transfer
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-8650 HIGH PATCH This Week

Path traversal in Progress MOVEit Transfer's Admin Settings module (versions before 2025.0.7 and 2025.1.0 before 2025.1.3) lets remote attackers supply relative '../' sequences to read files outside the intended directory, exposing sensitive configuration or system data. The CVSS 3.1 vector scores it 7.5 with confidentiality-only impact (C:H/I:N/A:N) and no listed authentication (PR:N), though the 'Admin Settings' location warrants scrutiny of that claim. No public exploit identified at time of analysis; EPSS is low (0.20%, 10th percentile) and CISA SSVC records no known exploitation.

Path Traversal Moveit Transfer
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-51535 HIGH This Week

Remote denial of service in OpENer 2.3.0 (commit 76b95cf), an open-source EtherNet/IP (CIP) communication stack, lets unauthenticated network attackers exhaust device resources through the network processing loop, rendering the affected industrial device unavailable. The flaw carries CVSS 7.5 (availability-only impact) and publicly available exploit code exists (referenced GitHub gist and issue #562), though it is not listed in CISA KEV and EPSS is low at 0.20% (10th percentile), indicating no observed widespread exploitation. Because OpENer typically runs on embedded ICS/IIoT endpoints, loss of availability can translate directly to loss of process visibility or control.

Denial Of Service
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-15117 HIGH PATCH This Week

Heap corruption in Google Chrome's Payments component (versions prior to 150.0.7871.115) lets a remote attacker who lures a user into performing specific UI gestures potentially achieve code execution via a crafted HTML page. The flaw is a use-after-free (CWE-416) rated High by Chromium and CVSS 7.5, with a vendor patch already shipped in the July 2026 Stable channel update; no public exploit has been identified at time of analysis. Exploitation is gated by high attack complexity and required user interaction, making it credible but not trivially weaponizable.

Memory Corruption Denial Of Service Use After Free Google
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-15111 HIGH PATCH This Week

Heap corruption in Google Chrome's Views UI framework (versions prior to 150.0.7871.115) lets a remote attacker who lures a user into performing specific UI gestures on a crafted HTML page potentially execute code or crash the browser via a use-after-free. Google rates the Chromium severity High; there is no public exploit identified at time of analysis and it is not listed in CISA KEV, though Chrome UAF bugs are historically attractive exploitation targets.

Memory Corruption Denial Of Service Use After Free Google
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-10706 HIGH This Week

Sensitive user-record disclosure in Adalo's no-code app builder (App Builder versions 1 and 2) lets remote actors enumerate the internal 'dbId' identifier to retrieve complete user records and correlate individuals' behavior across multiple applications hosted on the platform. The flaw stems from predictable/enumerable record identifiers combined with absent access controls and no data minimization. There is no public exploit identified at time of analysis, and EPSS rates near-term exploitation probability very low (0.15%, 5th percentile) despite the high confidentiality-only CVSS of 7.5.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-15169 HIGH PATCH This Week

Denial of service in Wireshark's UMTS FP protocol dissector affects the 4.6.0-4.6.6 and 4.4.0-4.4.16 release branches, where a malformed UMTS Frame Protocol packet triggers a heap-based buffer overflow (CWE-122) that crashes the application. A remote attacker who can get the crafted frame parsed - via live capture on a monitored segment or a shared capture file - can reliably terminate the analyzer, with no confidentiality or integrity impact. Publicly available exploit code exists (SSVC=poc) but it is not on CISA KEV, and EPSS is low at 0.14% (4th percentile), indicating minimal observed exploitation pressure.

Heap Overflow Denial Of Service Buffer Overflow Wireshark
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-59999 HIGH PATCH This Week

Security-control bypass in OpenSSH sshd before 10.4 causes the DisableForwarding=yes hardening directive to be silently ignored when PermitTunnel=yes is also set, so tun-device forwarding remains available despite an administrator's explicit policy to disable all forwarding. Affected operators are those who rely on DisableForwarding as a defense-in-depth restriction; the flaw lets an authenticated user establish layer-2/3 tunnels the configuration was meant to forbid. There is no public exploit identified at time of analysis, EPSS is low (0.13%, 3rd percentile), and it is not on CISA KEV.

SSH Information Disclosure Openssh
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-15163 HIGH PATCH This Week

Denial of service in Wireshark 4.6.0-4.6.6 and 4.4.0-4.4.16 lets a remote attacker crash or hang the application by feeding it crafted packets that trigger infinite loops in multiple protocol dissectors. No public exploit is identified at time of analysis, and the flaw is limited to availability - no code execution or data exposure. Real-world urgency is modest: EPSS sits at 0.12% and CISA SSVC rates exploitation as 'none' with only partial technical impact.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.5
EPSS
0.1%
Prev Page 3 of 7 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy