Skip to main content

Actively Exploited File-Upload RCE Leads Critical Findings Amid Broad Backlog

Jul 06 - Jul 13, 2026
Total CVEs
1509
Critical + High
701
KEV
1
Public Exploits
142

Executive Summary

Overview

This week's scan surfaced 1509 findings, including 139 critical and 562 high-severity issues, with 246 critical/high vulnerabilities remaining unpatched. One vulnerability (CVE-2026-56291, an unauthenticated file-upload RCE in Joomla's Balbooa Forms) is confirmed actively exploited in the KEV catalog and has no vendor patch, while 142 findings have public proof-of-concept code available. Several critical file-manager and command-injection flaws affecting WordPress plugins, 9Router, and Kubernetes MCP tooling carry public exploits, though most have vendor or upstream fixes available.

Critical Threats

  • CVE-2026-56291 (CRITICAL, CVSS 10.0) — Unauthenticated arbitrary file upload in the Balbooa Forms extension for Joomla allows remote attackers to upload executable server-side scripts and achieve remote code execution. Confirmed actively exploited (CISA KEV); no vendor-released patch identified.
  • CVE-2026-59800 (CRITICAL, CVSS 9.2) — 9Router remote unauthenticated OS command injection via POST /api/tunnel/tailscale-install endpoint, allowing arbitrary command execution as root. Public exploit code available; vendor-released patch: 0.4.44. Unauthenticated remote attackers.
  • CVE-2026-58473 (CRITICAL, CVSS 9.3) — Cognee instance-wide LLM configuration hijacking via unauthenticated /api/v1/settings endpoint. Public exploit code available; upstream fix available (PR/commit). Any remote attacker with a self-registered account can overwrite global LLM provider settings affecting all users.
  • CVE-2026-60104 (CRITICAL, CVSS 9.3) — Hashicorp Server account takeover via broken object-level authorization (CWE-639) in the Trusted Device Encryption admin-approval handler, allowing a low-privileged organization member to steal any other member's vault key and a victim-scoped access token. Public exploit code available; upstream fix available (PR/commit).
  • CVE-2026-61459 (CRITICAL, CVSS 9.3) — Argument injection in Flux159 MCP Server Kubernetes before 3.9.0 allows remote attackers to redirect kubectl operations to an attacker-controlled API server by smuggling a --server flag through the resourceType and name parameters. Public exploit code available; upstream fix available (PR/commit).
  • CVE-2026-6382 (CRITICAL, CVSS 9.1) — WordPress plugins FileOrganizer (before 1.1.9), Advanced File Manager (before 5.4.12), File Manager Pro (before 2.1.1), and File Manager (before 8.0.4) OS command injection via improper escaping of a parameter passed to a shell command during image operations. Public exploit code available; vendor-released patch: 1.1.9 / 5.4.12 / 2.1.1 / 8.0.4. Authenticated attackers.
  • CVE-2026-23697 (HIGH, CVSS 8.7) — Remote code execution in Vtiger CRM before 8.4.0 via malicious .phar file upload through the Documents module by an authenticated low-privileged user. Public exploit code available; no vendor-released patch identified.
  • CVE-2026-11962 (HIGH, CVSS 8.8) — Authenticated remote code execution in the FileOrganizer WordPress plugin before 1.2.0 allows users with file-manager role access to upload arbitrary PHP files due to missing file-type validation on multiple file-management endpoints. Public exploit code available; vendor-released patch: 1.2.0.

Threat Landscape

Most-affected vendors: WordPress (196), Microsoft (54), Google (51), Apache (47), Juniper (22).

Most common attack techniques: Authentication Bypass (375), Information Disclosure (334), Denial Of Service (194), XSS (165), RCE (122).

Patch coverage: 903 of 1509 CVEs have a patch; 246 Critical/High remain unpatched.

Key Trends

  • Volume is 21% down week-over-week (1919 → 1509 CVEs).
  • 1 CVE is in CISA's KEV catalog.
  • 142 CVEs have public exploit code.

Top 8 Priority CVEs

120
CVE-2026-56291 CRITICAL KEV POC

Unauthenticated arbitrary file upload in the Balbooa Forms extension for Joomla lets remote attackers upload executable server-side scripts and achieve full remote code execution. The flaw carries a maximum CVSS 4.0 base score of 10.0 with a scope change, meaning a successful upload compromises the underlying host beyond the vulnerable extension. No public exploit identified at time of analysis, though a third-party write-up (mysites.guru) documents the flaw and the supplied CVSS metadata asserts observed attack activity.

67
CVE-2026-59800 CRITICAL POC

Remote unauthenticated OS command injection in 9Router before 0.4.44 lets attackers run arbitrary commands as root via the POST /api/tunnel/tailscale-install endpoint, which is excluded from the dashboard authorization middleware. The attacker-supplied sudoPassword field is piped to the stdin of a 'sudo -S sh' child process; when sudo does not prompt for a password, sh interprets that value as a shell command. Active exploitation evidence was reported by the Shadowserver Foundation on 2026-07-04; this is not (yet) listed in CISA KEV, and no public exploit code is referenced in the supplied data.

67
CVE-2026-58473 CRITICAL POC

Instance-wide LLM configuration hijacking in Cognee before 1.2.0 lets any remote attacker self-register a normal account and overwrite the global LLM provider settings through the /api/v1/settings endpoint, which performs no admin or superuser authorization check. Because the configuration is held in a process-wide singleton cache, a single call redirects every user's LLM operations to an attacker-controlled endpoint, exfiltrating prompts, uploaded documents, extracted entities, and knowledge-graph content. This is confirmed publicly available exploit code exists (reported by VulnCheck, with a released vendor patch in v1.2.0), and the CVSS 4.0 score is 9.3 (Critical).

67
CVE-2026-60104 CRITICAL POC

Account takeover in self-hosted Bitwarden Server before 2026.6.0 lets a low-privileged organization member steal any other member's vault key and a victim-scoped access token. The POST /auth-requests/admin-request handler never verifies that the email in the request body belongs to the authenticated caller (CWE-639), so an attacker can create a Trusted Device Encryption admin-approval request for a victim, bound to an attacker-controlled public key; once approved, the encrypted key material is retrievable from an unauthenticated endpoint. Publicly available exploit code exists (a VulnCheck advisory plus a public write-up), and the CVSS 4.0 base score of 9.3 reflects high confidentiality and integrity impact plus a cross-user scope change.

67
CVE-2026-61459 CRITICAL POC

Argument injection in Flux159 MCP Server Kubernetes before 3.9.0 lets remote attackers redirect kubectl operations to an attacker-controlled API server by smuggling a leading-dash `--server` flag through the resourceType and name parameters of the kubectl_get, kubectl_describe, and kubectl_delete structured tools. Because the injected values bypass the assertNoDangerousFlags check, the operator's bearer token is transmitted to the external server, enabling full Kubernetes cluster compromise. Reported by VulnCheck, it carries CVSS 4.0 9.3, has publicly available exploit code, and a vendor patch in release 3.9.0; there is no confirmed active exploitation.

66
CVE-2026-6382 CRITICAL POC

The FileOrganizer WordPress plugin before 1.1.9, Advanced File Manager WordPress plugin before 5.4.12, File Manager Pro WordPress plugin before 2.1.1, File Manager WordPress plugin before 8.0.4 do not properly escape a parameter before passing it to a shell command when processing image operations, allowing authenticated users to perform OS Command Injection. This requires the server to have the ImageMagick convert CLI available without either the PHP imagick or GD extensions.

64
CVE-2026-23697 HIGH POC

Remote code execution in Vtiger CRM before 8.4.0 lets an authenticated low-privileged user upload a malicious .phar file through the Documents module and execute arbitrary PHP. The extension denylist in config.inc.php omits .phar, and a stale Apache 2.2-syntax .htaccess is silently ignored on Apache 2.4, so the payload lands in a web-accessible directory reachable by unauthenticated HTTP - the attack begins authenticated but the final execution step is unauthenticated. Publicly available exploit code exists (published by VulnCheck/Jiva Security); no CISA KEV listing and no EPSS score were provided.

64
CVE-2026-11962 HIGH POC

Authenticated remote code execution in the FileOrganizer WordPress plugin before 1.2.0 lets users granted file-manager access upload arbitrary PHP files because several file-management operations skip file-type validation. Publicly available exploit code exists, and the flaw is an incomplete fix of CVE-2024-7985, which only hardened the upload operation while leaving other file-management endpoints unvalidated. With CVSS 3.1 base 8.8 (PR:L) and a working PoC, any low-privileged account with file-manager rights - extendable to sub-administrator roles via the premium add-on - can achieve full site compromise.

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy