Skip to main content
2026-07-14

2026-07-15

CVE-2026-58658 HIGH POC PATCH This Week

Unauthenticated information disclosure in GPUStack through version 2.2.1 lets remote attackers reach the worker port's unprotected /serveLogs and /debug endpoints to stream live inference logs - including user prompts and model completions - and to alter worker runtime configuration such as log levels and memory profiling output. Because the flaw is missing authentication (CWE-306) on network-exposed endpoints, exploitation requires no credentials and no user interaction; publicly available exploit code exists, though the issue is not listed in CISA KEV. VulnCheck reported it and the vendor fixed it in commit 4e20551.

Authentication Bypass Information Disclosure Gpustack
NVD GitHub
CVSS 4.0
8.8
CVE-2026-12512 HIGH POC PATCH This Week

UNION-based SQL injection in the Quotes Llama WordPress plugin (all versions before 3.1.6) lets unauthenticated remote attackers inject arbitrary SQL through an unsanitized request parameter and read any data from the WordPress database, including user password hashes. Publicly available exploit code exists and a vendor patch has been released; the flaw carries a high EPSS-relevant profile because it is remotely reachable with no authentication or user interaction. This is no public exploit identified as actively exploited (not in CISA KEV), but working PoC availability makes opportunistic mass-scanning likely.

SQLi WordPress Quotes Llama
NVD WPScan VulDB
CVSS 3.1
8.6
EPSS
0.2%
CVE-2026-40501 HIGH POC PATCH This Week

Remote code execution in Cherry Studio 1.2.2 through 1.9.12 lets attackers who control search-provider content run arbitrary Node.js code because the SearchService loads that content into an Electron BrowserWindow with nodeIntegration enabled and contextIsolation disabled. An attacker controlling a search engine provider, search result page, or provider settings page can execute JavaScript with full Node.js privileges under the OS account running the app. Publicly available exploit code exists (VulnCheck/Mundi-Xu gist) and a vendor patch (commit 1518530) is available; the flaw is not currently listed in CISA KEV.

Node.js RCE Cherry Studio
NVD GitHub
CVSS 4.0
8.6
CVE-2026-58659 HIGH POC PATCH This Week

Remote code execution in PyTorch Lightning through 2.6.5 allows an attacker who can get a victim to load a malicious checkpoint file to execute arbitrary code. The flaw lives in the _load_state routine, which imports and calls the module path named in a checkpoint's _instantiator hyperparameter, letting a crafted .ckpt bypass torch's weights_only=True safeguard when LightningModule.load_from_checkpoint is invoked. Reported by VulnCheck, it is fixed in commit d710d68 (PR #21832) via an instantiator allowlist, and publicly available exploit code exists though it is not listed in CISA KEV.

Checkpoint RCE Pytorch Lightning
NVD GitHub
CVSS 4.0
8.4
CVE-2026-12281 HIGH POC PATCH This Week

Authentication bypass in the Shibboleth WordPress plugin before 2.5.4 lets remote unauthenticated attackers forge identity headers and log in when the HTTP header identity mode is enabled without an anti-spoofing key. Because the plugin fails open rather than closed, any request carrying identity headers is trusted as an authenticated session, and with automatic account creation plus the default administrator role mapping an attacker can provision and sign in as a brand-new administrator. Rated CVSS 8.1 (CWE-287); publicly available exploit code exists (WPScan), but it is not listed in CISA KEV.

Authentication Bypass WordPress Shibboleth
NVD WPScan VulDB
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-59258 HIGH POC PATCH This Week

Album ownership takeover in immich before 3.0.3 allows a user with shared-album editor access to escalate to full owner by abusing the PUT /albums/:id/user/:userId endpoint (CWE-863, Incorrect Authorization). Because the endpoint fails to enforce owner-only restrictions on role changes, an editor can demote the legitimate owner and promote themselves across two sequential requests, gaining deletion and member-eviction control over the album and its assets. Publicly available exploit code exists and a vendor patch (v3.0.3) has shipped, though it is not currently listed in CISA KEV.

Authentication Bypass Immich
NVD GitHub
CVSS 4.0
7.2
CVE-2026-58660 HIGH POC PATCH This Week

Broken object-level authorization in Kanboard through 1.2.52 lets any authenticated user who belongs to at least one project move, corrupt, or hide tasks in any other project on the same instance, including private projects they have no role on. The BoardAjaxController save() drag-and-drop endpoint checks the caller's role against the attacker-supplied project_id but never confirms the supplied task_id belongs to that project, and because task IDs are sequential integers shared instance-wide they are trivially enumerable. Publicly available exploit code exists and a vendor patch (commit 564cc30) is available, but this is not listed in CISA KEV and there is no public exploit identified as actively exploited in the wild.

Authentication Bypass Kanboard
NVD GitHub
CVSS 4.0
7.2
CVE-2026-59255 HIGH POC PATCH This Week

Improper authorization in SpecterOps BloodHound through 9.4.0 lets any authenticated user tamper with the global custom-node graph schema by calling POST, PUT, and DELETE operations on the /api/v2/custom-nodes endpoints, which enforced only that a caller was logged in rather than that they held write permissions. Because custom node kinds are a shared, tenant-wide schema construct, a single low-privileged account can create, alter, or delete node types that affect every user and tenant on the instance. Publicly available exploit code exists and a vendor patch (commit 8f79035) is available; there is no CISA KEV listing, so exploitation is not confirmed as active.

Authentication Bypass Bloodhound
NVD GitHub
CVSS 4.0
7.1
CVE-2026-52887 CRITICAL PATCH Act Now

SQL injection in NocoBase's @nocobase/plugin-notification-in-app-message (before 2.0.61) lets any signed-up authenticated user reach GET /api/myInAppChannels:list and inject into the filter[latestMsgReceiveTimestamp][$lt] parameter, which is concatenated into a Sequelize.literal() template with no escaping or parameter binding. Because PostgreSQL permits stacked statements through this sink, an attacker can run arbitrary SQL and escalate to operating-system command execution via COPY ... TO PROGRAM. No public exploit identified at time of analysis and the flaw is not in CISA KEV, but the code fix and regression tests are public in the vendor commit, and the vendor rates it CVSS 10.0.

SQLi PostgreSQL Nocobase
NVD GitHub
CVSS 3.1
10.0
CVE-2026-50148 CRITICAL PATCH Act Now

Remote code execution in Metabase (open-source business intelligence platform) versions 1.54.0 through the fixed releases lets a user holding database-connection management rights run arbitrary code on the Metabase server. By pointing a Snowflake connection at an attacker-controlled server, a flaw in the bundled Snowflake JDBC driver writes attacker files anywhere on the host, overwriting one of Metabase's own driver files that later executes inside the Metabase process. There is no public exploit identified at time of analysis, but the vendor rates it CVSS 10.0 and a vendor security advisory (GHSA-r6x2-rchx-q9g9) confirms both the flaw and fixed versions.

RCE Metabase
NVD GitHub
CVSS 3.1
10.0
CVE-2026-56699 CRITICAL PATCH Act Now

NDJSON injection in Wazuh Manager before 5.0.0-beta3 lets any enrolled agent smuggle arbitrary OpenSearch bulk operations because the DataValue.index field is not escaped when the manager builds inventory-sync bulk requests. Because those requests execute under the manager's OpenSearch admin credentials, a single low-trust agent can delete documents, tamper with alerts, and manipulate SIEM state across all other agents. Rated CVSS 10.0 by the reporter (VulnCheck); no public exploit identified at time of analysis and it is not listed in CISA KEV.

Code Injection Wazuh
NVD GitHub
CVSS 4.0
10.0
CVE-2026-52891 CRITICAL Act Now

OS command injection in Wekan (the open-source Meteor-based kanban board) before version 9.07 lets an authenticated user execute arbitrary commands on the server by uploading an avatar with shell metacharacters in its filename. The user-supplied filename is embedded into a shell string passed to child_process.exec() for MIME-type detection in models/avatars.js and models/fileValidation.js, so backticks or $() in the name run as server-side commands. No public exploit is identified at time of analysis, but the vendor commit and advisory confirm the flaw; it is fixed in v9.07.

Command Injection Wekan
NVD GitHub
CVSS 3.1
9.9
CVE-2026-44986 CRITICAL PATCH Act Now

Account takeover in Penpot before 2.14.5 allows an authenticated registered user to hijack any non-blocked profile without knowing its password. The flaw chains three defects: create-team-invitations leaks invitation tokens, prepare-register-profile embeds an existing profile's id into the prepared-register JWE, and register-profile then mints a session on an invitation email match while skipping password verification (CWE-287). No public exploit has been identified, but the fix commit and PR diff are public and the CVSS base score is 9.9.

Authentication Bypass Penpot
NVD GitHub
CVSS 3.1
9.9
CVE-2026-55652 CRITICAL Act Now

Authentication bypass in Wekan (open-source Meteor kanban) before version 9.46 lets an unauthenticated attacker impersonate any account, including admin. The header-login feature's getRequestIp() in server/lib/headerLoginAuth.js trusts the client-supplied X-Forwarded-For header instead of the real TCP socket peer, so an attacker who can reach the HTTP port can spoof a trusted source IP and submit HEADER_LOGIN_ID for any username to receive a valid meteor_login_token session. Tracked by the vendor as 'ProxyBleed' (GHSA-jggc-qvfc-jr6x); CVSS 9.8. No public exploit identified at time of analysis and not listed in CISA KEV.

Authentication Bypass Wekan
NVD GitHub
CVSS 3.1
9.8
CVE-2026-54458 CRITICAL Act Now

Stored DOM cross-site scripting in WWBN AVideo's YPTSocket plugin (all versions prior to 29.0) lets any unauthenticated remote attacker run arbitrary JavaScript in the browser session of any administrator viewing the YPTSocket online-users debug panel. Because the malicious WebSocket metadata is broadcast to every connected client and rendered without escaping, a single anonymous WebSocket connection can be escalated into full administrative account takeover via the admin's own session and CSRF token. No public exploit identified at time of analysis; the flaw carries a CVSS 9.6 (Critical) rating driven by the scope change into the privileged admin origin.

PHP CSRF XSS Avideo
NVD GitHub
CVSS 3.1
9.6
CVE-2026-62948 CRITICAL PATCH Act Now

Stored cross-site scripting in OpenWrt's default odhcpd server (all releases prior to 25.12.5) lets a network-adjacent DHCP client inject forged lease records that execute as HTML/JavaScript in a router administrator's browser. The client-supplied DHCPv6 FQDN option 39 (and DHCPv4 option 12) hostname is written unescaped into /tmp/odhcpd.leases, enabling newline injection of attacker-controlled fields that LuCI's Active DHCPv6 Leases page renders via unsafe dom.append. No public exploit is identified at time of analysis, and the flaw is not in CISA KEV; it is fixed in 25.12.5.

XSS Openwrt
NVD GitHub
CVSS 3.1
9.6
CVE-2026-11580 MEDIUM POC PATCH This Month

Kali Forms - Contact Form & Drag-and-Drop Builder WordPress plugin before version 2.4.17 allows any authenticated Contributor-level (or higher) user to duplicate arbitrary posts they do not own by exploiting a missing per-object authorization check in the plugin's AJAX post-duplication action. The attacker gains a published copy of the target post under their own ownership and can extract private post metadata, including secrets stored by other Kali Forms instances on the same site. A publicly available proof-of-concept exists per WPScan; the vulnerability is not currently listed in the CISA KEV catalog, though the low privilege bar and default-enabled feature make it an actionable risk on any multi-user WordPress installation running the affected plugin.

Authentication Bypass WordPress Kali Forms Contact Form Drag And Drop Builder
NVD WPScan VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-46684 CRITICAL PATCH Act Now

Authentication bypass via forged JWTs in DataEase, an open-source data visualization and BI tool, allows remote unauthenticated attackers to impersonate any user (including administrators) in enterprise deployments before version 2.10.23. The enterprise TokenFilter passes attacker-supplied X-DE-TOKEN values to a validator that checks only token presence and length, then decodes the JWT without verifying its signature, so tokens with a chosen uid and oid are accepted whenever the enterprise license is valid (licenseValid=true). CVSS 4.0 rates this 9.5 (Critical); there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Jwt Attack Information Disclosure Dataease
NVD GitHub VulDB
CVSS 4.0
9.5
CVE-2026-13385 CRITICAL Act Now

Remote command execution in certain ASUS router firmware allows a network man-in-the-middle attacker to force the router to download and run arbitrary commands from a spoofed update/download server. The root cause is a failure to validate both the integrity check value (CWE-354) and the TLS server certificate, so an attacker positioned in the network path can impersonate a legitimate ASUS server. No public exploit identified at time of analysis and the flaw is not in CISA KEV; ASUS self-reported it and rates it critical (CVSS 4.0 9.5), though exploitation requires the attacker to first achieve a MITM position (AT:P).

Information Disclosure Router
NVD
CVSS 4.0
9.5
EPSS
0.1%
CVE-2026-61451 CRITICAL PATCH Act Now

Password reset token poisoning in the Grav API plugin (grav-plugin-api) before 1.0.4 lets an unauthenticated attacker hijack the account recovery flow by supplying an attacker-controlled host in the admin_base_url field (or Referer/Origin headers) of the POST /api/v1/auth/forgot-password request. Because the reset email's link is built from this unvalidated host, a victim who clicks it leaks a valid, unexpired reset token to the attacker, yielding full account takeover. No public exploit is identified at time of analysis, and it is not in CISA KEV, but VulnCheck's advisory and vendor GHSA-5xc4-j99p-cp4m confirm the flaw and a 1.0.4 fix.

Open Redirect Grav
NVD GitHub
CVSS 4.0
9.4
CVE-2026-11579 MEDIUM POC PATCH This Month

Unauthenticated file upload to the WordPress Media Library is possible in Kali Forms - Contact Form & Drag-and-Drop Builder versions before 2.4.17, because the plugin's upload handler accepts file submissions without verifying that a corresponding form with a file-upload field actually exists on the site. Any unauthenticated remote attacker can directly invoke the upload endpoint and deposit files into the Media Library. Impact is bounded by WordPress's core MIME type allowlist, which prevents upload of executable files and thereby rules out code execution; a publicly available proof-of-concept is confirmed by WPScan, and no CISA KEV listing is present at time of analysis.

File Upload RCE WordPress Kali Forms Contact Form Drag And Drop Builder
NVD WPScan VulDB
CVSS 3.1
5.3
EPSS
0.2%
CVE-2026-55445 CRITICAL Act Now

Authentication bypass in Qinglong (whyour/qinglong) task-management platform before 2.20.1 lets an unauthenticated remote attacker reset administrator credentials on an already-initialized instance by sending PUT /open/user/init. The flaw stems from a path-rewrite ordering mistake: the init-guard middleware whitelists /open/* through JWT auth, then rewrites it to /api/user/init after the guard's initialization check has already been bypassed. No public exploit identified at time of analysis, but the fixing PR diff publicly discloses the exact bypass, making weaponization trivial; CVSS 4.0 base score is 9.3 (Critical).

Authentication Bypass Qinglong
NVD GitHub
CVSS 4.0
9.3
CVE-2026-50562 CRITICAL Act Now

GitHub Actions artifact-poisoning (pwn request) in labring/FastGPT allows an external attacker who opens a pull request to smuggle attacker-controlled Docker images into privileged CI/CD pipelines. At commit 22ebfacbb43311e9b73294040ae0eb87390c6bba and earlier, artifacts built from untrusted PR code in the preview-docs-build and preview-fastgpt-build workflows are consumed by privileged workflow_run jobs, letting a malicious image be pushed to GHCR and, for documentation previews, deployed to a Kubernetes cluster using the secrets.KUBE_CONFIG_CN credential. There is no public exploit identified at time of analysis and it is not in CISA KEV, but the flaw is trivially reachable by any contributor.

Docker Information Disclosure Fastgpt
NVD GitHub
CVSS 4.0
9.3
CVE-2026-52842 CRITICAL PATCH Act Now

Same-Origin Policy bypass in Lightpanda headless browser before 0.3.1 allows an attacker-controlled site to impersonate an arbitrary victim origin. Because origin computation searched for the '@' userinfo delimiter across the entire URL string rather than only the authority component, a URL like http://attacker.com/@victim.com/ was fetched from attacker.com yet treated as origin http://victim.com, breaking the fundamental web isolation boundary. No public exploit identified at time of analysis and not listed in CISA KEV, but the CVSS 9.3 rating and the trivial, deterministic nature of the parsing flaw make it a high-priority fix for any automation pipeline using Lightpanda.

Authentication Bypass Browser
NVD GitHub
CVSS 3.1
9.3
CVE-2026-52843 CRITICAL PATCH Act Now

Cross-origin credential leakage in Lightpanda, a headless browser built for AI and automation workloads, occurs because fetch() and XMLHttpRequest attach session cookies to every outbound HTTP request regardless of the caller's requested credentials mode. In versions prior to 0.2.9, the credentials: omit, credentials: same-origin, credentials: include, and XMLHttpRequest.withCredentials controls are all ignored, so attacker-controlled content running inside a Lightpanda session can silently issue authenticated cross-origin requests against any victim origin whose cookies are present in the session's shared cookie jar. There is no public exploit identified at time of analysis and no CISA KEV listing, but the root-cause code fix is public in PR #2155, and the CVSS base score is 9.3.

Information Disclosure Browser
NVD GitHub
CVSS 3.1
9.3
CVE-2026-61740 CRITICAL PATCH Act Now

Authentication bypass in HKUDS LightRAG before 1.5.4 lets a remote unauthenticated attacker defeat X-API-Key protection when the server runs in the API-key-only profile (LIGHTRAG_API_KEY set, AUTH_ACCOUNTS unset). Because auth.py falls back to a public hardcoded DEFAULT_TOKEN_SECRET and /auth-status and /login freely mint guest JWTs, combined_dependency honored a guest token before ever checking the API key, exposing document read/upload/delete, graph mutation, and query endpoints. No public exploit is identified at time of analysis, but the underlying fix (PR #3319) ships a regression test showing that forging a valid guest token with the default secret is trivial; fixed in 1.5.4.

Authentication Bypass Lightrag
NVD GitHub
CVSS 4.0
9.3
CVE-2026-61736 CRITICAL PATCH Act Now

Cross-origin data theft in LightRAG server versions prior to 1.5.4 allows any malicious website to make authenticated, credentialed API calls on behalf of a logged-in victim because the server ships with CORS_ORIGINS=* paired with allow_credentials=True. When an authenticated LightRAG user browses to an attacker-controlled page, that page can silently read documents and knowledge-graph data or issue destructive requests such as deleting the entire document store. No public exploit has been identified at time of analysis and the flaw is not in CISA KEV, but the fix is confirmed released in version 1.5.4.

Cors Misconfiguration Information Disclosure Lightrag
NVD GitHub
CVSS 3.1
9.3
CVE-2026-52893 CRITICAL Act Now

Account takeover in Wekan (open-source Meteor kanban) before 9.32 allows an attacker who controls an OIDC provider account asserting a victim's email or username to hijack the victim's existing Wekan account. The vulnerable Accounts.onCreateUser hook in server/models/users.js merged incoming OIDC identities into any local account whose email OR username matched, without verifying ownership or checking email_verified, letting the attacker inherit the victim's boards, attachments, API tokens, and admin status. No public exploit identified at time of analysis, but the fix is confirmed in version 9.32 and the flaw carries a CVSS 4.0 base score of 9.2 (critical).

Authentication Bypass Wekan
NVD GitHub
CVSS 4.0
9.2
CVE-2026-42533 CRITICAL PATCH Act Now

Heap buffer overflow in NGINX Plus and NGINX Open Source lets unauthenticated remote attackers crash worker processes (DoS) and, on hosts with ASLR disabled or bypassed, potentially execute arbitrary code by sending crafted HTTP requests. The flaw is a data-plane-only issue triggered when a regex-based map directive references the map's regex capture variables before the map output variable in a string expression, or via a non-cacheable variable under certain conditions. F5 has released a patched version; no public exploit identified at time of analysis and it is not listed in CISA KEV.

Nginx Heap Overflow Buffer Overflow RCE Nginx Plus +1
NVD
CVSS 4.0
9.2
CVE-2026-45534 CRITICAL PATCH Act Now

Reflection-based remote code execution in DataEase before 2.10.23 lets an authenticated operator who can configure a Redshift datasource achieve arbitrary code execution on the server. The Redshift JDBC driver loads an attacker-controlled rsjdbc.ini from the system temp directory and honors a malicious socketFactory pointing at Spring's FileSystemXmlApplicationContext, turning a normal JDBC connection into a code-execution chain. No public exploit is identified at time of analysis and it is not in CISA KEV, but the vendor has confirmed and patched the flaw in 2.10.23.

RCE Code Injection Dataease
NVD GitHub
CVSS 4.0
9.0
CVE-2026-62378 CRITICAL PATCH Act Now

Stored cross-site scripting in RustFS Console (0.1.7 through 0.1.9) lets an attacker upload an HTML payload disguised as a .pdf file that executes when an administrator previews it, exfiltrating the console's AccessKeyId, SecretAccessKey, and SessionToken. The flaw is a regression of the previously patched CVE-2026-27822 and stems from the PDF preview path trusting the .pdf filename extension rather than the actual content type. No public exploit identified at time of analysis, but a fix and the vulnerable code are public in 0.1.10.

XSS Console
NVD GitHub
CVSS 3.1
9.0
CVE-2026-56400 CRITICAL PATCH Act Now

Remote code execution in Open WebUI (self-hosted LLM interface) before the fixed 0.3.33 release allows attackers to hijack an authenticated admin session through a CORS misconfiguration. When an instance is deployed with allow_origins=* and an authenticated admin visits an attacker-controlled website, the malicious page can issue authenticated cross-origin requests to the /api/v1/functions endpoint and register attacker-supplied Python code, achieving code execution - and because the container runs as root by default, full container compromise. There is no public exploit identified at time of analysis and it is not on CISA KEV, but the flaw is documented in a GitHub Security Lab advisory (GHSL-2024-174/175) and reported by VulnCheck.

RCE Open Webui
NVD GitHub
CVSS 4.0
9.0
CVE-2026-35152 HIGH This Week

SQL injection in Apache Fineract's Report Execution API (the runreports endpoint) in all versions up to and including 1.14.0 lets an authenticated user holding report-run permission inject arbitrary SQL through crafted report parameter values, because those values are concatenated into the generated query without sufficient validation. This yields unauthorized read access to data well beyond what the report was scoped to expose, and by extension other database contents. There is no public exploit identified at time of analysis and the flaw is not in CISA KEV; the upstream fix landed in PR #5980, which introduces a configurable InputValidator/validation-profile framework.

SQLi Apache Authentication Bypass Fineract
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-55576 HIGH This Week

GitHub Actions expression injection in MaaAssistantArknights' dev-v2 CI (release-preparation.yml) lets an external attacker execute arbitrary shell commands on the ubuntu-latest runner by opening a non-draft fork pull request whose title begins with 'Release v'. The attacker-controlled pull_request.title was inlined directly into a run: block during opened, reopened, and ready_for_review events, so a crafted title breaks out of the sed command in the generate-changelog job. No public exploit has been identified at time of analysis and it is not in CISA KEV, but the class is trivially weaponizable and the fix commit (cafc3946) is public. EPSS was not provided.

Ubuntu Command Injection Maaassistantarknights
NVD GitHub
CVSS 4.0
8.8
CVE-2026-62312 HIGH PATCH This Week

Authenticated remote code execution in 9Router before 0.5.2 lets a logged-in attacker run arbitrary OS commands on the host by chaining a Host-header spoof (to reach routes that are supposed to be localhost-only) with unsanitized MCP plugin arguments that flow into child_process.spawn() via the /api/mcp//sse endpoint. Rated CVSS 8.8 (CWE-78, OS command injection), it is fixed in 0.5.2; no public exploit or CISA KEV listing exists at time of analysis, though a vendor advisory and fix commit are published.

RCE Command Injection 9Router
NVD GitHub
CVSS 3.1
8.8
CVE-2026-54449 HIGH POC GHSA This Week

Authenticated remote code execution in LangBot (pip package 'langbot', versions <= 4.10.5) allows any logged-in user to run arbitrary OS commands on the host by registering a malicious 'STDIO' MCP server through the Extensions > MCP configuration UI. Because LangBot passes the user-supplied command straight to the MCP SDK's StdioServerParameters, which spawns it as a subprocess, an attacker who signs up or uses stolen credentials gains full host takeover. A step-by-step and video proof-of-concept is public (publicly available exploit code exists), though there is no confirmed active exploitation.

RCE Command Injection
NVD GitHub
CVSS 3.1
8.8
CVE-2026-20150 HIGH This Week

Privilege escalation via improper access control in Cisco RoomOS software allows an authenticated attacker with low-level privileges to gain full control over affected collaboration endpoints, with high impact to confidentiality, integrity, and availability. The issue was discovered internally by Cisco's RoomOS engineering team during a proactive security review and is one of several access-control weaknesses grouped under CVE-2026-20150 and resolved in a single hardening release. There is no public exploit identified at time of analysis and the flaw is not listed in CISA KEV.

Authentication Bypass Cisco Cisco Roomos Software
NVD
CVSS 3.1
8.8
CVE-2026-55242 HIGH PATCH This Week

Server-side template injection in Frappe ERPNext (versions before 15.111.0 and 16.22.0) lets an authenticated user holding only a standard operational role inject a malicious template payload into a configuration field, causing the server to render it and disclose data the user is not authorized to see. Because the flaw is rooted in an authorization failure (CWE-863), it effectively bypasses ERPNext's role/permission boundaries. No public exploit identified at time of analysis, and it is not listed in CISA KEV; a fixed release is available from the vendor.

Authentication Bypass Erpnext
NVD GitHub
CVSS 3.1
8.8
CVE-2026-60005 HIGH PATCH This Week

Limited memory disclosure and worker-process restart in NGINX Plus and NGINX Open Source arise when the optional ngx_http_slice_module is compiled in and configured alongside unnamed regex captures, or when a background cache update occurs, letting remote attackers trigger uninitialized memory access (CWE-908) in the data plane. The CVSS:4.0 vector (AV:N/AC:L/PR:N/UI:N) indicates unauthenticated network exploitation with no user interaction, scored 8.8. There is no public exploit identified at time of analysis and no CISA KEV listing; F5 has released a patch and the issue does not affect the control plane.

Nginx Information Disclosure Nginx Plus Nginx Open Source
NVD
CVSS 4.0
8.8
CVE-2026-61684 HIGH This Week

Authentication bypass in FastGPT 4.15.0-beta4 lets unauthenticated remote attackers forge JWTs and access internal plugin reverse-call endpoints, because /api/invoke/* trusts tokens signed with INVOKE_TOKEN_SECRET whose default value is the literal string 'token' and which official deployment templates never set. By self-signing an HS256 JWT, an attacker can call /api/invoke/userInfo to read cross-tenant user PII via arbitrary tmbId values, or /api/invoke/fileUpload to write attacker-controlled content into chat files. No public exploit identified at time of analysis and not listed in CISA KEV, but the trivial exploitation and hardcoded-secret root cause make this high priority for self-hosted deployments.

Authentication Bypass Fastgpt
NVD GitHub
CVSS 4.0
8.8
CVE-2026-43637 HIGH PATCH This Week

Arbitrary file write in Cornac's dataset-download utility (all versions before 2.6.0) lets an attacker who controls a downloaded TAR archive place files anywhere the Python process can write, because the _extract_archive() helper in cornac/utils/download.py calls archive.extractall() without validating member paths. Since Cornac's built-in dataset loaders automatically fetch and unpack archives, a poisoned or MITM'd dataset archive containing ../ traversal, absolute paths, or symlink/hardlink entries can overwrite sensitive files and potentially achieve code execution. VulnCheck reported the issue; no public exploit identified at time of analysis and it is not in CISA KEV.

Path Traversal Cornac
NVD GitHub
CVSS 4.0
8.8
CVE-2026-61436 HIGH PATCH This Week

Webhook signature-verification bypass in PraisonAI before 4.6.78 lets unauthenticated attackers forge Svix 'message.received' events when the framework runs in AgentMail webhook mode. Because incoming payloads are trusted without validating the Svix signature (CWE-287), an attacker can POST crafted JSON to the webhook endpoint and cause configured agents to process attacker-chosen sender addresses and message bodies. A vendor patch exists (4.6.78); there is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Praisonai
NVD GitHub
CVSS 4.0
8.8
CVE-2026-61435 HIGH PATCH This Week

Authentication bypass in PraisonAI before 4.6.78 lets a remote, unauthenticated attacker reach the Call API agent-invocation endpoints when the deployment runs with PRAISONAI_CALL_AUTH=disabled. Because the localhost-only safeguard derives the bind host from the client-supplied HTTP Host header, an attacker on the network can send a spoofed 'Host: 127.0.0.1' header to defeat the restriction and both enumerate and invoke registered agents. Vendor patch is available (reported by VulnCheck); no public exploit identified at time of analysis and it is not listed in CISA KEV.

Authentication Bypass Praisonai
NVD GitHub
CVSS 4.0
8.8
CVE-2026-58077 HIGH This Week

Unauthenticated stored cross-site scripting in the 4Analytics analytics extension for Joomla (by weeblr.com) lets a remote attacker inject persistent JavaScript through a specially crafted request, with no login required. Because the payload is stored and later rendered in a privileged context, it can escalate to full website takeover under some conditions. There is no public exploit identified at time of analysis and the CVE is not listed in CISA KEV.

XSS 4Analytics Extension For Joomla
NVD
CVSS 4.0
8.7
EPSS
0.4%
CVE-2026-15804 HIGH PATCH This Week

SQL injection in MetaGuru's HCM (Human Capital Management) platform lets authenticated remote attackers inject malicious SQL through specific request parameters, yielding full read/write control over the backing database and its confidentiality, integrity, and availability. The flaw was reported by TWCERT (Taiwan CERT) and carries a CVSS 4.0 base score of 8.7; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. Because valid low-privilege credentials are required (PR:L), risk concentrates in environments where accounts are broadly provisioned or credentials can be phished/reused.

SQLi Hcm
NVD VulDB
CVSS 4.0
8.7
EPSS
0.3%
CVE-2026-57832 HIGH This Week

SQL injection in EDocman, the Joomla download/document manager extension by Joomdonation, allows remote unauthenticated attackers to inject arbitrary SQL through the extension's request handling (CWE-89). The CVSS 4.0 score of 8.7 reflects high confidentiality impact with no required privileges or user interaction, meaning database contents can be extracted directly over the network. No public exploit identified at time of analysis and the flaw is not listed in CISA KEV; EPSS data was not provided.

SQLi Edocman Extension For Joomla
NVD VulDB
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-57831 HIGH This Week

SQL injection in the DPCalendar extension for Joomla lets remote unauthenticated attackers inject arbitrary SQL through a vulnerable parameter, per the CVSS:4.0 vector (PR:N/UI:N). With confidentiality-only impact rated High and no integrity or availability effect, the flaw primarily enables theft of Joomla database contents such as user records, session data, and configuration secrets. No public exploit identified at time of analysis, and no EPSS or CISA KEV signal was provided.

SQLi Dp Calendar Extension For Joomla
NVD VulDB
CVSS 4.0
8.7
EPSS
0.2%
CVE-2026-56679 HIGH PATCH This Week

Authentication bypass in 9Router (AI router & token saver) prior to 0.5.4 lets any authenticated user disable application-wide login by abusing a mass-assignment flaw in the PATCH /api/settings endpoint. Because the endpoint persists the entire request body without a field whitelist, a low-privileged user can flip security-critical settings such as requireLogin, thereby exposing sensitive routes like /api/keys and /api/providers to unauthenticated access. No public exploit identified at time of analysis; the issue is fixed in version 0.5.4.

Information Disclosure 9Router
NVD GitHub
CVSS 4.0
8.7
CVE-2026-33445 HIGH PATCH This Week

Persistent denial-of-service in Absolute Secure Access servers before version 14.55 allows a remote attacker with deep, low-level command of the tunnel protocol to corrupt server-side memory management and keep the server down. The flaw carries a CVSS 4.0 base score of 8.7 driven entirely by an availability (VA:H) impact, with no confidentiality or integrity consequence. No public exploit identified at time of analysis and it is not listed in CISA KEV, so real-world exploitation appears unproven.

Information Disclosure Secure Access
NVD
CVSS 4.0
8.7
CVE-2026-45320 HIGH PATCH This Week

{deptId}. The root cause is SqlparserUtils.transFilter() returning raw, unsanitized user input for operators other than 'in'/'between', which is then string-spliced into the dashboard query via SubstitutedSql.replace(). No public exploit identified at time of analysis and it is not in CISA KEV, but the vendor GHSA advisory, fixing commit, and 2.10.23 release confirm the flaw is real and patched.

SQLi Dataease
NVD GitHub VulDB
CVSS 4.0
8.7
Page 1 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy