Skip to main content
CVE-2026-12988 MEDIUM POC PATCH This Month

Account takeover in the WP 2FA WordPress plugin (all versions before 3.1.1.2) is achievable by any attacker who has obtained a valid user's credentials. The plugin fails to verify that the email address submitted during two-factor authentication enrollment belongs to the authenticated account (CWE-862: Missing Authorization), allowing the attacker to redirect the setup verification code to an attacker-controlled inbox and complete 2FA enrollment on behalf of the victim. A publicly available proof-of-concept exists per WPScan; this vulnerability is not currently listed in the CISA KEV catalog, but the combination of a PoC, medium-prevalence deployment, and account-takeover impact warrants prompt patching.

Authentication Bypass WordPress Wp 2Fa
NVD WPScan
CVSS 3.1
6.4
EPSS
0.2%
CVE-2026-58478 MEDIUM POC This Month

Server-side request forgery in Sustainable Irrigation Platform (SIP) through version 5.2.16 allows unauthenticated network attackers to weaponize the device as an HTTP proxy against internal or external hosts. Exploitation requires the optional Node-RED plugin to be installed and leverages the known default passphrase 'opendoor' to bypass authentication to the plugin interface - dramatically lowering the practical barrier for blind SSRF. A publicly available proof-of-concept exploit exists per ZeroScience advisory ZSL-2026-5998; no CISA KEV listing at time of analysis.

SSRF Sip
NVD
CVSS 4.0
6.3
EPSS
0.3%
CVE-2026-11567 MEDIUM POC PATCH This Month

SureForms WordPress plugin before 2.11.1 permits unauthenticated attackers to submit manipulated payment amounts below the configured price on any form using a dynamically-sourced or hidden variable payment field, enabling financial fraud against site operators. The integrity bypass is confined to forms with variable pricing; fixed-price forms are explicitly unaffected. A publicly available proof-of-concept exists via WPScan, and a vendor patch is available in version 2.11.1 - though no CISA KEV listing confirms active mass exploitation at time of analysis.

WordPress Information Disclosure Sureforms
NVD WPScan
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-15703 MEDIUM POC This Month

A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This vulnerability affects unknown code of the file /admin/userproductdeletequery.php. Performing a manipulation of the argument user_id results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.

SQLi PHP Simple And Nice Shopping Cart Script
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-15677 MEDIUM POC This Month

Unrestricted file upload in code-projects Online Job Portal 1.0 exposes unauthenticated remote attackers to arbitrary file upload via the txtFile parameter in /JobSeekerInsert.php, enabling likely webshell deployment and subsequent server-side code execution. A public proof-of-concept exploit exists (no KEV listing), substantially lowering the exploitation barrier for any internet-exposed instance. The CVSS 4.0 impact metrics are conservatively rated Low across C/I/A, which understates the realistic post-exploitation potential of an unrestricted PHP file upload - successful webshell placement typically yields full OS command execution in the web server process context.

PHP File Upload Online Job Portal
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-15676 MEDIUM POC This Month

SQL injection in code-projects Online Job Portal 1.0 exposes the /Admin/DeleteUser.php endpoint to unauthenticated remote database manipulation. An attacker can craft HTTP requests that inject arbitrary SQL, enabling data extraction, modification, or deletion from the underlying database. A public proof-of-concept exploit exists (GitHub: shihuizhang-dazhi/MY-CVE/issues/4), lowering the bar for exploitation; this vulnerability is not currently listed in CISA KEV.

SQLi PHP Online Job Portal
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-15675 MEDIUM POC This Month

SQL injection in code-projects Online Job Portal 1.0 exposes the /Admin/EditUser.php endpoint to remote database manipulation via the unsanitized UserId parameter. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) classifies this as remotely exploitable with no authentication or interaction required, though the Admin path location raises questions about actual auth gating in practice. A public exploit exists (E:P confirmed in CVSS 4.0 and via GitHub issue), lowering the skill bar for exploitation considerably; this CVE is not currently listed in CISA KEV.

SQLi PHP Online Job Portal
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2026-15622 MEDIUM POC PATCH This Month

Unauthenticated authorization bypass in poco-ai/poco-claw's Workspace API allows remote attackers to access arbitrary users' workspace files by manipulating the user_id parameter in the get_workspace_file function. All versions through 0.5.4 are affected, with the executor manager's control-plane routes completely lacking token-based authentication before the fix. Publicly available exploit code exists (POC confirmed via GitHub issue #133 and PR #135); no CISA KEV listing at time of analysis.

Authentication Bypass Poco Claw
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.4%
CVE-2025-15665 MEDIUM POC PATCH This Month

Stored cross-site scripting in the Ultimate Before After Image Slider & Gallery WordPress plugin (all versions before 4.7.1) enables users with administrator-level access to plant persistent malicious scripts via the BEAF Slider widget's shortcode field, which then execute silently in the browsers of any site visitor loading a page displaying the widget. The plugin pipes the field value through WordPress's native do_shortcode() function without sanitizing or escaping the output, causing unrecognized content to be echoed verbatim to the rendered page. A publicly available proof-of-concept has been disclosed by WPScan; no active exploitation has been confirmed in the CISA Known Exploited Vulnerabilities catalog.

WordPress Information Disclosure Ultimate Before After Image Slider Gallery
NVD WPScan
CVSS 3.1
5.4
EPSS
0.2%
CVE-2026-58475 MEDIUM POC This Month

Stored cross-site scripting in Sustainable Irrigation Platform (SIP) through version 5.2.16 enables unauthenticated remote attackers to permanently inject arbitrary JavaScript by submitting crafted program names via HTTP requests, with the payload executing in every subsequent viewer's browser. Exploitation is significantly facilitated by the application's acceptance of submissions with no passphrase configured or using the default passphrase 'opendoor', removing any authentication barrier in common deployments. A publicly available proof-of-concept exploit from ZeroScience (ZSL-2026-5994) documents the attack path; this CVE is not currently listed in the CISA KEV catalog.

XSS Sip
NVD
CVSS 4.0
5.3
EPSS
0.2%
CVE-2026-54116 MEDIUM PATCH Exploit Unlikely This Month

Type confusion (CWE-843) in Microsoft SQL Server 2025 enables authenticated, low-privileged network attackers to disclose sensitive server-side information. The CVSS vector (AV:N/PR:L/C:H) confirms that any authorized database user - regardless of their data access permissions - can potentially trigger the flaw remotely with no user interaction required. No public exploit code or CISA KEV listing exists at time of analysis, but the high confidentiality impact and low access complexity make patching a meaningful priority for organizations running SQL Server 2025.

Memory Corruption Information Disclosure Microsoft Sql Server 2025 Cu 6 Microsoft Sql Server 2025 For X64 Based Systems Gdr
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2026-50468 MEDIUM PATCH Exploit Unlikely This Month

Buffer over-read in Microsoft SQL Server 2025 exposes server memory contents to low-privileged authenticated attackers over the network, resulting in high confidentiality impact with no integrity or availability consequences. Both the Cumulative Update 6 (CU 6) and General Distribution Release (GDR) servicing tracks on x64-based systems are confirmed affected per vendor CPE data. No public exploit has been identified and CISA has not listed this in KEV; SSVC assessment corroborates no active exploitation at time of analysis, placing this in a measured but real priority category for environments handling sensitive SQL data.

Buffer Overflow Microsoft Sql Server 2025 Cu 6 Microsoft Sql Server 2025 For X64 Based Systems Gdr
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2026-54108 MEDIUM PATCH Exploit Unlikely This Month

External control of file name or path in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

Microsoft Information Disclosure Microsoft Sharepoint Enterprise Server 2016 Microsoft Sharepoint Server 2019 Microsoft Sharepoint Server Subscription Edition
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2026-56185 MEDIUM PATCH Exploit Unlikely This Month

Improper authentication in Windows Admin Center allows an authorized attacker to disclose information over a network.

Authentication Bypass Microsoft Windows Admin Center
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2026-47282 MEDIUM PATCH Exploit Unlikely This Month

Insufficiently protected credentials in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network.

Information Disclosure Visual Studio Code
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2026-55051 MEDIUM PATCH Exploit Unlikely This Month

Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network.

Microsoft SSRF Microsoft Sharepoint Enterprise Server 2016 Microsoft Sharepoint Server 2019 Microsoft Sharepoint Server Subscription Edition
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2026-50659 MEDIUM PATCH Exploit Unlikely This Month

Improper encoding or escaping of output in .NET allows an authorized attacker to perform spoofing over a network.

Information Disclosure Net 10 0 Net 8 0 Net 9 0 Microsoft Visual Studio 2022 Version 17 12 +2
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2026-58279 MEDIUM PATCH Exploit Unlikely This Month

Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.

Authentication Bypass Microsoft Azure Cyclecloud 8 9 1
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2026-55026 MEDIUM PATCH Exploit Unlikely This Month

Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.

Information Disclosure Microsoft Integer Overflow Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
6.2
EPSS
0.4%
CVE-2026-47999 MEDIUM This Month

Adobe Commerce is affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Scope is changed.

XSS Adobe Adobe Commerce Adobe Commerce B2B Magento Open Source +1
NVD
CVSS 3.1
4.8
EPSS
11.5%
CVE-2026-10051 MEDIUM This Month

HTTP/1.1 trailer leakage in Eclipse Jetty allows a remote unauthenticated attacker to read trailer headers from a previous request when sharing a persistent connection with another party. Trailers sent in an initial request are incorrectly retained in the server's connection state, causing them to bleed into all subsequent requests on the same keep-alive connection - either appended wholesale (if the later request has no trailers) or merged with the later request's own trailers. No public exploit has been identified at time of analysis, and the vulnerability is not listed in CISA KEV.

Information Disclosure Eclipse Jetty
NVD VulDB
CVSS 4.0
6.9
EPSS
0.3%
CVE-2026-60118 MEDIUM PATCH This Month

Hidden ticket purchase bypass in Hi.Events through v1.10.0-beta allows unauthenticated remote attackers to acquire VIP, invite-only, or discounted tickets withheld from public sale by referencing hidden ticket and price IDs directly in order creation API requests. The server fails to enforce ticket visibility rules at the API layer, relying only on UI-level concealment, and sequential integer ticket IDs allow systematic enumeration from observed visible IDs. No public exploit or active exploitation (KEV) has been identified at time of analysis, but the unauthenticated network vector and low complexity make opportunistic exploitation straightforward following disclosure.

Authentication Bypass Hi Events
NVD GitHub
CVSS 4.0
6.9
EPSS
0.2%
CVE-2026-52837 MEDIUM PATCH This Month

The reschedule endpoint in Easy!Appointments 1.5.2 and earlier exposes the complete customer database record to any party holding the 12-character appointment hash, with no authentication check and no field whitelisting on the ea_users row. These hashes are deliberately distributed to customers in reschedule emails, embedded in confirmation page URLs, and visible in operator calendar links, which means the effective attacker pool is anyone who has ever received or forwarded a booking email. The fix is available in version 1.6.0 per the GitHub security advisory; no public exploit code and no CISA KEV listing have been identified at time of analysis.

PHP Information Disclosure Easyappointments
NVD GitHub
CVSS 4.0
6.9
EPSS
0.4%
CVE-2026-50298 MEDIUM PATCH This Month

Integer overflow or wraparound in Windows Spaceport.sys allows an unauthorized attacker to elevate privileges with a physical attack.

Buffer Overflow Microsoft Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 +16
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2026-48338 MEDIUM This Month

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue does not require user interaction. Scope is changed.

Path Traversal Coldfusion
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2026-24234 MEDIUM This Month

NVIDIA TensorRT-LLM for Linux contains a vulnerability in the multimodal media fetching functions, where a network-accessible attacker could cause server-side request forgery. A successful exploit of this vulnerability might lead to denial of service and information disclosure.

Nvidia SSRF Denial Of Service Information Disclosure Tensorrt Llm
NVD
CVSS 3.1
6.8
EPSS
0.1%
CVE-2026-48312 MEDIUM This Month

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access. Exploitation of this issue does not require user interaction.

Authentication Bypass
NVD
CVSS 3.1
6.8
EPSS
0.2%
CVE-2026-47996 MEDIUM This Month

Security feature bypass in Adobe Commerce, Adobe Commerce B2B, Magento Open Source, and the Adobe Commerce Webhooks plugin allows a high-privileged, authenticated attacker to defeat an authorization check (CWE-863) and gain unauthorized read access to data that should be restricted. The flaw is network-reachable with low complexity, requires no user interaction, and changes scope, so the exposure can reach beyond the initially vulnerable component. There is no public exploit identified at time of analysis and no CISA KEV listing, making exploitation currently theoretical rather than observed.

Authentication Bypass Adobe Adobe Commerce Adobe Commerce B2B Magento Open Source +1
NVD
CVSS 3.1
6.8
EPSS
18.5%
CVE-2026-58528 MEDIUM PATCH Exploit Unlikely This Month

Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an unauthorized attacker to disclose information with a physical attack.

Buffer Overflow Microsoft Information Disclosure Windows 10 Version 1809 Windows 10 Version 21H2 +9
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2026-50668 MEDIUM PATCH This Month

Privilege escalation via heap-based buffer overflow in the Windows NTFS filesystem driver affects a broad range of Windows 10, Windows 11, and Windows Server versions, requiring only physical access to the target device - no OS credentials needed. An attacker with hands-on access to the hardware can trigger a heap overflow in NTFS processing to gain elevated privileges, potentially achieving full system compromise (High C/I/A). No public exploit code has been identified and this CVE is not listed in the CISA KEV catalog, but the combination of zero authentication requirements and critical-level impact makes it a realistic threat for physically accessible endpoints. A vendor-supplied patch is available via the Microsoft Security Response Center.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +12
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2026-50492 MEDIUM PATCH This Month

Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an unauthorized attacker to execute code with a physical attack.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +12
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2026-50426 MEDIUM PATCH This Month

Relative path traversal in DNS Server allows an authorized attacker to execute code over an adjacent network.

Path Traversal Windows 10 Version 1607 Windows 10 Version 1809 Windows Server 2012 Windows Server 2012 Server Core Installation +9
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2026-50299 MEDIUM PATCH Exploit Unlikely This Month

Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to execute code with a physical attack.

Buffer Overflow Microsoft Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 +14
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2026-54132 MEDIUM PATCH Exploit Unlikely This Month

Heap-based buffer overflow in Windows Kernel allows an unauthorized attacker to elevate privileges with a physical attack.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +9
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2026-49168 MEDIUM PATCH Exploit Unlikely This Month

Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to elevate privileges with a physical attack.

Buffer Overflow Microsoft Integer Overflow Windows 10 Version 1607 Windows 10 Version 1809 +12
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2026-53566 MEDIUM PATCH This Month

Out-of-bounds read in Citrix Secure Access Client for Windows (all versions before 26.6.1.20) enables a local low-privileged attacker to read memory beyond an allocated buffer boundary, resulting in high confidentiality impact with no integrity or availability consequence. The CVSS 4.0 score of 6.8 reflects the local attack vector and low-privilege requirement, meaning an attacker must already hold a foothold on the endpoint. No public exploit code and no active exploitation (CISA KEV) have been identified at time of analysis.

Citrix Buffer Overflow Microsoft Information Disclosure Citrix Secure Access Client For Windows
NVD VulDB
CVSS 4.0
6.8
EPSS
0.1%
CVE-2026-55023 MEDIUM PATCH This Month

Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2016 +9
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-49804 MEDIUM PATCH Exploit Unlikely This Month

Heap-based buffer overflow in Windows USB Video Driver allows an unauthorized attacker to elevate privileges with a physical attack.

Heap Overflow Buffer Overflow Microsoft Windows 10 Version 1607 Windows 10 Version 1809 +15
NVD
CVSS 3.1
6.6
EPSS
0.4%
CVE-2026-59837 MEDIUM This Month

Stack-based buffer overflow in Fortinet FortiOS, FortiPAM, FortiProxy, and FortiSASE enables arbitrary code execution for a privileged authenticated attacker capable of bypassing ASLR and stack canary protections via crafted HTTP requests. The CVSS temporal metric E:P confirms proof-of-concept exploit code exists, and RL:O confirms an official patch has been released by Fortinet (advisory FG-IR-26-148). This vulnerability is not listed in CISA KEV at time of analysis, and the dual prerequisites of privileged access plus memory-protection bypass substantially constrain real-world exploitability despite the critical CIA impact triad.

Fortinet Buffer Overflow Stack Overflow RCE Fortipam +3
NVD
CVSS 3.1
6.6
EPSS
0.6%
CVE-2026-45496 MEDIUM PATCH Exploit Unlikely This Month

Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

Path Traversal Visual Studio Code
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2026-59889 MEDIUM PATCH This Month

jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.18.0 until 2.18.9, 2.21.5, 2.22.1, 3.1.5, and 3.2.1, UnwrappedPropertyHandler.processUnwrapped() replays buffered JSON for a @JsonUnwrapped property and calls prop.deserializeAndSet() without a prop.visibleInView(ctxt.getActiveView()) guard, allowing a property annotated with both @JsonView and @JsonUnwrapped to be written from attacker JSON under a less-privileged active view. This issue is fixed in versions 2.18.9, 2.21.5, 2.22.1, 3.1.5, and 3.2.1.

Authentication Bypass Jackson Databind
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2026-15714 MEDIUM This Month

An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soup_multipart_input_stream_read_headers() function inside soup-multipart-input-stream.c, which does not adequately restrict or validate the size of incoming multipart boundary strings. When processing a crafted HTTP response containing a malformed or oversized boundary parameter, the internal stream reader reads past the allocated buffer bounds. A remote, unauthenticated attacker can exploit this behavior to cause a service denial (DoS) through application failure or potentially read fragments of unauthorized memory metadata.

Buffer Overflow Information Disclosure Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 +2
NVD VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2026-55142 MEDIUM PATCH Exploit Unlikely This Month

Numeric truncation error in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2019 Microsoft Office 365 For Mac +6
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-55124 MEDIUM PATCH Exploit Unlikely This Month

Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2019 Microsoft Office 365 For Mac +8
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-55050 MEDIUM PATCH This Month

Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

Buffer Overflow Microsoft Information Disclosure Microsoft 365 Apps For Enterprise Microsoft Office 2019 +9
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-34328 MEDIUM PATCH This Month

Windows Audio Service on multiple Windows desktop and server versions improperly exposes sensitive information to locally authenticated standard users, enabling information disclosure without requiring elevated privileges. Affecting Windows 10 1809 through Windows 11 26H1 and Windows Server 2019 (with Server 2022 and 2025 referenced in tags), the flaw is exploitable post-foothold by any low-privileged local account, making it a realistic post-exploitation pivot rather than an initial access vector. No public exploit code has been identified at time of analysis, and a vendor-released patch is confirmed available via the Microsoft Security Response Center.

Microsoft Information Disclosure Windows 10 Version 1809 Windows 10 Version 21H2 Windows 10 Version 22H2 +9
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2026-15766 MEDIUM PATCH This Month

Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2026-15770 MEDIUM PATCH This Month

Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2026-47481 MEDIUM This Month

NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause an authentication bypass through an alternative path or channel. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

Nvidia Authentication Bypass RCE Information Disclosure Triton Inference Server
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2026-15778 MEDIUM PATCH This Month

Navigation input validation bypass in Google Chrome prior to 150.0.7871.125 enables a remote attacker who has already compromised the renderer process to circumvent navigation restrictions through a crafted HTML page. The flaw is classified as a second-stage, chained exploit - the attacker must first achieve renderer process compromise before this vulnerability becomes exploitable. With integrity rated High (I:H) and no confidentiality or availability impact, the practical danger is unauthorized navigation control, potentially enabling redirect-based phishing, cross-origin frame manipulation, or security boundary bypass. No public exploit code or active exploitation has been identified at time of analysis; EPSS probability stands at 0.26% (17th percentile), consistent with low current threat activity.

Google Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.3%
Page 1 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy