Ghostwire — CVE Vulnerability Tracker

Tracking 31,000+ vulnerabilities from NVD, FIRST EPSS, and CISA KEV. Exploit and PoC data updated continuously.

CVE-2026-15338 HIGH CVSS 7.5 ⚠ EXPLOIT AVAILABLE

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.1 via the get_type_template function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary .php files on the server, allowing the execution of any PHP code in those files. This can be us

2026-07-11
CVE-2026-15073 MEDIUM CVSS 6.5 ⚠ EXPLOIT AVAILABLE

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Doctor-level access and above, to

2026-07-11
CVE-2026-15072 MEDIUM CVSS 6.5 ⚠ EXPLOIT AVAILABLE

The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to generic SQL Injection via the 'orderby' parameter in all versions up to, and including, 4.5.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with doctor-level access and above, to

2026-07-11
CVE-2026-13353 HIGH CVSS 8.8 ⚠ EXPLOIT AVAILABLE

The WP Ultimate CSV Importer – WordPress Import & Export for CSV, XML & Excel plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 8.0.1 via the 'MappedFields' parameter. This is due to missing capability checks on the AJAX handlers for install_addon, saveMappedFields, and StartImport, combined with the plugin nonce being exposed to any authenticated us

2026-07-11
CVE-2026-13262 MEDIUM CVSS 6.5 ⚠ EXPLOIT AVAILABLE

The Majestic Support – The Leading-Edge Help Desk & Customer Support Plugin plugin for WordPress is vulnerable to generic SQL Injection via the 'val' parameter in all versions up to, and including, 1.1.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional

2026-07-11
CVE-2026-13114 HIGH CVSS 7.2 ⚠ EXPLOIT AVAILABLE

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Comment Content and User Biographical Info in all versions up to, and including, 1.4.112 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a u

2026-07-11
CVE-2026-12426 MEDIUM CVSS 5.3 ⚠ EXPLOIT AVAILABLE

The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.22 via the members_filter_protected_posts_for_rest. This makes it possible for unauthenticated attackers to extract determine the existence and exact count of access-restricted posts, and use per-page pagination as a boolean oracle to inf

2026-07-11
CVE-2026-10628 MEDIUM CVSS 4.3 ⚠ EXPLOIT AVAILABLE

The Points and Rewards for WooCommerce plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.10.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to convert and drain any user's reward points into wallet balance,

2026-07-11
GHSA-g936-7jqj-mwv8 CRITICAL CVSS 9 ⚠ EXPLOIT AVAILABLE

TSDProxy: Internal proxy auth token forwarded to backend services enables management API escalation

2026-07-10
CVE-2026-54174 HIGH CVSS 8.3 ⚠ EXPLOIT AVAILABLE

melange: Incomplete package integrity verification allows data section substitution

2026-07-10
CVE-2026-54171 MEDIUM CVSS 6.5 ⚠ EXPLOIT AVAILABLE

Excon does not redact additional sensitive/risky headers when following redirects

2026-07-10
GHSA-h4g2-xfmw-q2c9 HIGH ⚠ EXPLOIT AVAILABLE

Clauster: Non-loopback deployments can serve the dashboard unauthenticated when auth.enabled is unset

2026-07-10
CVE-2026-54163 MEDIUM CVSS 4.7 ⚠ EXPLOIT AVAILABLE

Secure Headers: CSP directive injection via sandbox, plugin_types, and report_to when given untrusted input

2026-07-10
CVE-2026-54159 CRITICAL CVSS 10 ⚠ EXPLOIT AVAILABLE

prestashop/ps_facetedsearch: PHP Object Injection in faceted search cache allows unauthenticated RCE

2026-07-10
GHSA-g5r6-gv6m-f5jv HIGH CVSS 7.7 ⚠ EXPLOIT AVAILABLE

mcp-atlassian: Arbitrary file read via missing path validation in confluence_upload_attachment

2026-07-10
GHSA-wm45-qh3g-v83f HIGH CVSS 7.7 ⚠ EXPLOIT AVAILABLE

mcp-atlassian: Arbitrary server-side file read via attachment upload

2026-07-10
GHSA-xrmc-c5cg-rv7x HIGH CVSS 8.8 ⚠ EXPLOIT AVAILABLE

SafeInstall agent guard shell parsing can miss raw package execution

2026-07-10
GHSA-qv4m-m73m-8hj7 HIGH CVSS 8.8 ⚠ EXPLOIT AVAILABLE

NotrinosERP: Authenticated arbitrary file upload leads to remote code execution via HRM employee "Documents" (doc_file)

2026-07-10
CVE-2026-54071 HIGH CVSS 7.8 ⚠ EXPLOIT AVAILABLE

BabelDOC: Arbitrary Code Execution via CMap Pickle Deserialization in babeldoc/pdfminer/cmapdb.py

2026-07-10
GHSA-99j7-fhr2-xfj4 CRITICAL ⚠ EXPLOIT AVAILABLE

`exploration` was removed from crates.io for malicious code

2026-07-10
CVE-2026-54136 MEDIUM ⚠ EXPLOIT AVAILABLE

Windmill: Resource-scoped API tokens can read script contents outside their allowed path via scripts/list_search

2026-07-10
GHSA-9mqm-qcwf-5qhg MEDIUM CVSS 5.5 ⚠ EXPLOIT AVAILABLE

CredSweeper: Recursive archive size-limit bypass in deep scanner allows crafted compressed inputs to exhaust resources

2026-07-10
CVE-2026-54072 CRITICAL CVSS 9.3 ⚠ EXPLOIT AVAILABLE

Authorizer: Unvalidated redirect_uri in /authorize leaks OAuth2 tokens to attacker-controlled URL

2026-07-10
GHSA-489g-7rxv-6c8q MEDIUM CVSS 6.5 ⚠ EXPLOIT AVAILABLE

MCP Atlassian: DNS-rebinding TOCTOU bypass of the SSRF fix (CVE-2026-27826)

2026-07-10
CVE-2026-49977 MEDIUM CVSS 4.3 ⚠ EXPLOIT AVAILABLE

tarteaucitron: data-cookie attribute can be used to delete arbitrary cookies

PoC: AmauriC/tarteaucitron.js
2026-07-10
CVE-2026-49865 MEDIUM ⚠ EXPLOIT AVAILABLE

Kimai has Server-Side Request Forgery in Invoice PDF Rendering via Markdown Image URLs

PoC: kimai/kimai
2026-07-10
CVE-2026-14461

mtr is vulnerable to Out-of-bound read vulnerability in ipinfo_lookup() function. An attacker who can influence the TXT response used for AS lookups can trigger this bug by returning a DNS response that is larger than 512 bytes and uses a crafted compression pointer in the answer NAME field. ipinfo_lookup() function uses the length of the response as the end-of-message boundary for dn_expand() fun

PoC: traviscross/mtr
2026-07-10
CVE-2026-41880

R-SOFT DMS is vulnerable to OS Command Injection in the Optical Character Recognition (OCR) module. Multiple command execution functions accept user-controllable file paths without proper sanitization before passing them to the system shell via SSH. In current infrastructure the URL encoding neutralizes the injection during the standard web upload flow. An authenticated attacker who is able to tri

2026-07-10
CVE-2026-41876

R-SOFT DMS is vulnerable to OS Command Injection in konwertujAction() function. The document converter executes shell commands using unsanitized file paths and format parameters. This allows an authenticated attacker to execute arbitrary system commands with the privileges of the web server user. This issue was fixed in version v3.19-2752 and v3.17-2580.

2026-07-10
CVE-2026-15028 LOW CVSS 3.9 ⚠ EXPLOIT AVAILABLE

A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation could lead to a denial of service, making the system unavailable, or potentially allow for arbitrary code

2026-07-10
CVE-2026-21055 MEDIUM

Improper export of android application components in Bixby prior to version 4.0.70.8 allows local attackers to execute arbitrary commands with Bixby privilege.

2026-07-10
CVE-2026-21052 MEDIUM

Path traversal in SemClipboardService prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system privilege.

2026-07-10
CVE-2026-21049 MEDIUM

Out-of-bounds write in libpadm.so library prior to SMR Jul-2026 Release 1 allows local attackers to execute arbitrary code.

2026-07-10
CVE-2026-21046 MEDIUM

Time-of-check time-of-use race condition in fabricKeymaster trustlet prior to SMR Jul-2026 Release 1 allows local privileged attackers to execute arbitrary code.

2026-07-10
CVE-2026-21043 MEDIUM

Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege.

2026-07-10
CVE-2026-21042 MEDIUM

Out-of-bounds write in libsavsac.so prior to SMR Jul-2026 Release 1 allows local attackers to execute arbitrary code.

2026-07-10
CVE-2026-49838 MEDIUM CVSS 5.9 ⚠ EXPLOIT AVAILABLE

GoBGP confederation validation panics on empty AS_PATH attribute

PoC: osrg/gobgp
2026-07-09
CVE-2026-49837 MEDIUM CVSS 5.9 ⚠ EXPLOIT AVAILABLE

GoBGP: BGP OPEN capability parser may read capability values outside declared CapLen boundaries

PoC: osrg/gobgp
2026-07-09
CVE-2026-49836 MEDIUM ⚠ EXPLOIT AVAILABLE

psd-tools vulnerable to arbitrary file write via smart-object filename

PoC: psd-tools/psd-tools
2026-07-09
CVE-2026-49834 MEDIUM CVSS 5.9 ⚠ EXPLOIT AVAILABLE

sigstore-go has a multi-log threshold bypass via single compromised log

PoC: sigstore/sigstore-go
2026-07-09
CVE-2026-53956 MEDIUM CVSS 5.4 ⚠ EXPLOIT AVAILABLE

Rattler vulnerable to package cache path traversal via conda package build string

PoC: conda/rattler
2026-07-09
CVE-2026-55252 MEDIUM ⚠ EXPLOIT AVAILABLE

OpenRun: Redirect URL validation bypass using  //host  paths leads to Open Redirect

PoC: openrundev/openrun · PoC: openrundev/openrun
2026-07-09
CVE-2026-59858 HIGH

Vim is an open source, command line text editor. Prior to 9.2.0735, the C omni-completion script in runtime/autoload/ccomplete.vim interpolates the typeref: or typename: extension field of a tags entry, without escaping, into a :vimgrep pattern that is run through :execute. Because :vimgrep honors the bar as a command separator, a crafted tag field can close the search pattern and append an arbitr

PoC: vim/vim · PoC: vim/vim
2026-07-09
CVE-2026-59857 MEDIUM

Vim is an open source, command line text editor. Prior to 9.2.0725, the single-byte branch of spell_soundfold_sal() in src/spell.c translates a word through a spell file's SAL sound-folding rules into a caller-owned result buffer, but its result writes are guarded with reslen < MAXWLEN, allowing reslen to reach MAXWLEN before res[reslen] = NUL writes one byte past the end of the MAXWLEN-element st

PoC: vim/vim · PoC: vim/vim
2026-07-09
CVE-2026-59856 HIGH

Vim is an open source, command line text editor. Prior to 9.2.0736, the PHP omni-completion script in runtime/autoload/phpcomplete.vim interpolates a class or trait name, taken from the contents of the edited buffer, into a search() pattern that is run via win_execute() without escaping. A name containing a single quote can terminate the search() string argument early, and because the bar is honor

PoC: vim/vim · PoC: vim/vim
2026-07-09
CVE-2026-59855 HIGH

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, Asset.render in app/src/asset/index.ts interpolates the unsanitized this.path value into HTML assigned to innerHTML, allowing a crafted asset link containing a double quote to break out of the src attribute, inject an event handler, and execute JavaScript that can run OS commands in the Electron renderer. This issue is

PoC: siyuan-note/siyuan · PoC: siyuan-note/siyuan
2026-07-09
CVE-2026-59854 MEDIUM CVSS 4.9

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, POST /api/file/globalCopyFiles accepts attacker-supplied absolute source paths and relies on util.IsSensitivePath in kernel/util/path.go, whose denylist misses common home-directory credential files such as .git-credentials, .netrc, .pgpass, .kube/config, .docker/config.json, and .gnupg, allowing an authenticated admini

PoC: siyuan-note/siyuan · PoC: siyuan-note/siyuan · PoC: siyuan-note/siyuan
2026-07-09
CVE-2026-59853 MEDIUM CVSS 6.5

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /api/storage/getCriteria endpoint returns saved search criteria from data/storage/criteria.json without the publish-access filtering used by sibling storage endpoints, allowing a publish-mode Reader to read private document paths, notebook, document, and block IDs, and search and replace keywords for unpublished doc

PoC: siyuan-note/siyuan · PoC: siyuan-note/siyuan
2026-07-09
CVE-2026-59834 HIGH CVSS 7.5

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the block search endpoint POST /api/search/fullTextSearchBlock concatenates attacker-controlled paths values into SQL predicates used by non-SQL search modes, allowing an unauthenticated publish visitor to inject a UNION SELECT and return rows from hidden documents by projecting an allowed visible box and path. This iss

PoC: siyuan-note/siyuan · PoC: siyuan-note/siyuan · PoC: siyuan-note/siyuan
2026-07-09
CVE-2026-59833 HIGH

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, SiYuan renders note and package content to HTML through the Lute engine with sanitization enabled, but Lute's dangerous javascript scheme block does not check form action or SVG xlink:href attributes, allowing stored cross-site scripting in document export-preview and Bazaar package README render paths that can execute

PoC: siyuan-note/siyuan · PoC: siyuan-note/siyuan
2026-07-09
CVE-2026-59832 HIGH CVSS 7.7 ⚠ EXPLOIT AVAILABLE

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, the /snippets/*filepath route handler serveSnippets in kernel/server/serve.go joins a single-decoded request path with the snippets directory without subpath containment or sensitive-path checks, allowing an authenticated request such as /snippets/%2e%2e/%2e%2e/conf/conf.json to read workspace secrets and the document d

PoC: siyuan-note/siyuan · PoC: siyuan-note/siyuan
2026-07-09
CVE-2026-59831 MEDIUM CVSS 4.4 ⚠ EXPLOIT AVAILABLE

GitHub CLI (gh) is GitHub’s official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow command execution because the command opens a JupyterLab URL supplied by a process inside the Codespace without validating that it is a loopback HTTP or HTTPS address, allowing a crafted vscode:// or vscode-insiders:// URL to be handed to VS Co

PoC: cli/cli · PoC: cli/cli
2026-07-09
CVE-2026-57501 LOW CVSS 0 ⚠ EXPLOIT AVAILABLE

Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance and Split link in new tab, load a page-controlled link URL with the System principal instead of the originating page's principal, allowing a malicious web page to place a link to a file URL that can load with System privileges when opened through either context-menu item and bypa

PoC: zen-browser/desktop · PoC: zen-browser/desktop
2026-07-09
CVE-2026-58123 CRITICAL CVSS 9.8

Hermes WebUI before 0.51.788 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary shell commands by accessing the embedded terminal API endpoints without credentials. Attackers can create a session, attach a PTY shell, and write arbitrary commands through the terminal input endpoint to achieve full command execution as the server process

PoC: nesquena/hermes-webui
2026-07-09
CVE-2026-58122 CRITICAL CVSS 9.1

Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on onboarding endpoints by supplying a spoofed X-Forwarded-For header with a loopback address. Attackers can exploit this bypass to perform server-side request forgery against internal services including cloud metadata endpoints, overw

PoC: nesquena/hermes-webui
2026-07-09
CVE-2026-58144 MEDIUM

Cotonti Siena 0.9.26 and earlier contains a stored cross-site scripting vulnerability that allows authenticated users with PFS access to inject arbitrary script payloads by supplying malicious HTML in the ntitle parameter processed through the TXT filter in pfs.main.php. Attackers can create a folder with a crafted title containing script tags that are stored unescaped in the database and execute

2026-07-09
CVE-2026-59828 MEDIUM

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, post revisions that should be hidden from regular users could be leaked through visible diffs on adjacent revisions serialized by PostRevisionSerializer. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

2026-07-09
CVE-2026-58143 HIGH

Cotonti Siena 0.9.26 and earlier contains a cross-site request forgery vulnerability that allows unauthenticated attackers to modify administrator configuration by tricking a logged-in administrator into submitting a forged POST request to the admin.php config update handler, which never invokes the application's CSRF validation function. Attackers can disable the PFS module's file extension white

2026-07-09
CVE-2026-55424 HIGH

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a topic "featured link" was not sufficiently normalized and escaped before being rendered in the topic list, allowing a user who can set a featured link to inject JavaScript when default Content Security Policy protections were modified or disabled. This issue is fixed in versions 2026.6.0, 2026.5

2026-07-09
CVE-2026-55605 MEDIUM

DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.8.0, the self-hosted HTTP transport of `@arikusi/deepseek-mcp-server` exposes `POST /mcp` without any authentication: `createMcpExpressApp` is called without an `authProvider` and no middleware guards the route, so any network-reachable client can issue an unauthenticated `initialize` request and

2026-07-09
CVE-2026-55604 HIGH

DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global `SessionStore` accepts caller-supplied `session_id` values without binding them to any authenticated principal or transport session. An attacker can enumerate active session IDs via `deepseek_sessions`, then reuse a victim-controlled `session_id` in `deepseek_chat` to retr

2026-07-09
CVE-2026-49256 MEDIUM

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, restricted tag and tag-group names attached to publicly readable categories as allowed_tags, allowed_tag_groups, or required tag groups could leak to anonymous and unauthorized users through category and group endpoints. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

2026-07-09
CVE-2026-53961 MEDIUM

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the AWS SES bounce webhook at POST /webhooks/aws verified that SNS messages were signed by Amazon but did not bind them to trusted TopicArn values, allowing any AWS account holder to publish validly signed forged Bounce notifications that revoke a targeted user email. This issue is fixed in versio

2026-07-09
CVE-2026-53963 HIGH

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, a malicious second factor name on an attacker-controlled account was not escaped in the delete confirmation dialog, allowing stored cross-site scripting when an administrator impersonated that account. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

2026-07-09
CVE-2026-46413 MEDIUM

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, regular users could route direct S3 multipart uploads through ExternalUploadManager into the admin backup store. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

2026-07-09
CVE-2026-53962 MEDIUM

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, insufficient SVG sanitization in upload and user avatar handling could lead to cross-site scripting when a user visited specific URLs that are not normally part of community browsing. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

2026-07-09
CVE-2026-45788 MEDIUM

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, secure uploads could be exposed by pull_hotlinked_images when an attacker knew the secured upload URL and the secure_uploads site setting was enabled. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

2026-07-09
CVE-2026-44787 HIGH

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, the signup flow could allow newly registered users to set primary_group_id and gain whisper-group privileges without legitimate group membership on sites with whispers_allowed_groups configured. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

2026-07-09
CVE-2026-39243 HIGH

decompress before 4.2.2 allows arbitrary hardlink creation during archive extraction, enabling file read disclosure and file corruption. When processing hardlink entries (type === 'link'), the x.linkname field from the archive is passed directly to fs.link() without validation (index.js line 113). An attacker can craft an archive with a hardlink entry whose linkname is an absolute path to any file

2026-07-09
CVE-2026-45780 MEDIUM

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, EventSerializer could expose invited group names, sample invitees, and attendance statistics to users who could view the topic but were not entitled to view the private event invitee list. This issue is fixed in versions 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

2026-07-09
CVE-2026-39246 MEDIUM

decompress before 4.2.2 allows arbitrary symlink creation during archive extraction. When processing symlink entries (type === 'symlink'), the x.linkname field from the archive is passed directly to fs.symlink() without validation (index.js line 121). The preventWritingThroughSymlink check on line 98 only applies to file entries, not symlink creation. An attacker can craft an archive with symlink

2026-07-09
CVE-2026-39245 CRITICAL

decompress before 4.2.2 contains an improper path containment check that enables directory traversal and arbitrary file write. The safeMakeDir function (index.js line 29) and the extraction path validation (index.js line 106) use String.indexOf() to verify the resolved path is within the output directory: realDestinationDir.indexOf(realOutputPath) !== 0. This check is flawed because it does not en

2026-07-09
CVE-2026-15274 LOW

A vulnerability was detected in lo48576 fbxcel up to 0.9.0. This affects an unknown part of the file src/pull_parser/v7400/parser.rs of the component Node Header Handler. The manipulation results in denial of service. The attack must be initiated from a local position. The exploit is now public and may be used. The pull request to fix this issue awaits acceptance.

2026-07-09
CVE-2026-38076 HIGH

An integer overflow in the jbig2_arith_iaid_ctx_new() function of Artifex commit cc37d0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

2026-07-09
CVE-2026-15276 LOW

A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.

2026-07-09
CVE-2026-15271 HIGH

A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10 and EX200 up to 20260906. Affected by this issue is some unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. The manipulation leads to least privilege violation. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitation

2026-07-09
CVE-2026-60120 MEDIUM

Bagisto before 2.4.4 contains a stored cross-site scripting vulnerability via client-side template injection that allows unauthenticated attackers to execute arbitrary JavaScript in administrator browsers by registering a customer account with malicious payload in the first or last name field. The create.blade.php template renders customer name fields without the Vue.js v-pre directive, causing Vu

2026-07-09
CVE-2026-55208 HIGH

Pimcore Studio Backend Bundle is the backend bundle for Pimcore Studio. Prior to 2025.4.6 and 2026.1.6, an authenticated user can extract the admin password hash and other database content through time-based blind SQL injection in the DateFilter column key parameter. The POST /pimcore-studio/api/website-settings endpoint and other listing endpoints accept a columnFilters array where the key field

2026-07-09
CVE-2026-55212 HIGH

Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, the Studio API class definition creation endpoint POST /pimcore-studio/api/class/definition/configuration-view/detail/create is guarded by the objects permission instead of the classes permission, allowing a standard editor-level user to create class definitions without admin privileges. Class definiti

2026-07-09
CVE-2026-55207 HIGH

Pimcore is an Open Source Data & Experience Management Platform. Prior to 2025.4.6 and 2026.1.6, an unauthenticated attacker who knows a valid admin username can take over any Pimcore admin account by sending a password reset request with an attacker-controlled resetPasswordUrl. The server generates a real cryptographic recovery token, appends it to the supplied URL, and emails the link to the vic

2026-07-09
CVE-2026-51925 CRITICAL

A Local File Inclusion (LFI) vulnerability exists in docuForm GmbH Client v.11.11c that allows a remote attacker to execute arbitrary code via the dfm-menu_report.php component. Attackers can exploit this flaw to read arbitrary files on the server, including sensitive configuration files, source code or system files.

2026-07-09
CVE-2026-51926 MEDIUM

An issue in docuForm GmbH FSM Client v.11.11c allows a remote attacker to obtain sensitive information via the login.php component. A vulnerability was identified in the authentication mechanism that allows user enumeration through the login interface. An attacker can differentiate between valid and invalid usernames based on variations in server responses. This information can be leveraged to ide

2026-07-09
CVE-2026-51924 CRITICAL

An issue in docuForm GmbH Client v.11.11c allows a remote attacker to execute arbitrary code via the file upload and report.php component

2026-07-09
CVE-2026-51923 CRITICAL

An Insecure Direct Object Reference (IDOR) vulnerability exists in docuForm GmbH Client v.11.11c allowing a remote attacker to execute arbitrary code via the user settings component, and modify or retrieve sensitive data associated with other users’ accounts.

2026-07-09
CVE-2026-31267 MEDIUM

Mercusys MW302R MW302R(EU)_V1_1.4.10 Build 231023 is vulnerable to Buffer Overflow in the administrative web interface. A stack buffer overflow vulnerability in the administrative web interface allows an authenticated attacker with administrative privileges to trigger a system crash by sending a specially crafted request. The vulnerability results in denial of service through control flow manipula

2026-07-09
CVE-2025-45422 LOW ⚠ EXPLOIT AVAILABLE

Incorrect access control in Proximus b-box v8c.725A allows authenticated attackers to bypass normal restrictions and make arbitrary changes to port forwarding rules.

PoC: Cedrico03/CVE-2025-45422---Bbox
2026-07-09
CVE-2026-53639 MEDIUM ⚠ EXPLOIT AVAILABLE

Sylius: IDOR on Shop Payment Request API endpoints

PoC: Sylius/Sylius
2026-07-09
CVE-2026-53638 MEDIUM CVSS 4.3 ⚠ EXPLOIT AVAILABLE

Sylius: Channel-based payment method restriction bypass on shop account orders API endpoint

PoC: Sylius/Sylius
2026-07-09
CVE-2026-53637 MEDIUM CVSS 6.5 ⚠ EXPLOIT AVAILABLE

Sylius: Cart FormComponent allows modification or deletion of an already-completed order

PoC: Sylius/Sylius
2026-07-09
CVE-2026-52777 CRITICAL ⚠ EXPLOIT AVAILABLE

YesWiki Vulnerable to Authenticated PHP Object Injection in BazarImportAction via unserialize

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52775 HIGH CVSS 8.8 ⚠ EXPLOIT AVAILABLE

YesWiki has Authenticated SQL Injection via ReactionManager

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52774 MEDIUM CVSS 6.1 ⚠ EXPLOIT AVAILABLE

YesWiki Vulnerable to Reflected XSS via Unescaped `id` Parameter in Bazar Widget HTML Attributes

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52773 MEDIUM CVSS 6.1 ⚠ EXPLOIT AVAILABLE

YesWiki Vulnerable to Reflected XSS via Unescaped Archived-Revision `time` Parameter in `handlers/page/show.php`

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52772 MEDIUM CVSS 5.5 ⚠ EXPLOIT AVAILABLE

YesWiki has stored XSS in Bazar form-field templates via unescaped field.label / field.hint (|raw('html'))

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52771 HIGH CVSS 8.3 ⚠ EXPLOIT AVAILABLE

YesWiki: Second-Order SQL Injection in Page Delete API via Unescaped Page Tag (`ApiController::deletePage`)

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52770 HIGH CVSS 7.5 ⚠ EXPLOIT AVAILABLE

YesWiki: SQL Injection possible through public Bazar entry-listing APIs via numeric `query`/`queries` filters

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52769 HIGH CVSS 8.3 ⚠ EXPLOIT AVAILABLE

YesWiki has Unauthenticated Server-Side Request Forgery via ActivityPub `Signature.keyId`

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52767 HIGH CVSS 8.2 ⚠ EXPLOIT AVAILABLE

YesWiki Vulnerable to Unauthenticated ActivityPub Signature-Verification Bypass via `!openssl_verify(...)` accepting `int(-1)`

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52766 CRITICAL CVSS 9.1 ⚠ EXPLOIT AVAILABLE

YesWiki vulnerable to unauthenticated arbitrary page deletion via `{{erasespamedcomments}}` action

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52763 MEDIUM CVSS 6.5 ⚠ EXPLOIT AVAILABLE

YesWiki: SQL injection via the `recentchanges` action `period` argument leads to arbitrary DB read

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-52762 HIGH ⚠ EXPLOIT AVAILABLE

YesWiki: Authenticated (Admin) Server-Side Template Injection to Remote Code Execution via Bazar Semantic Templates

PoC: YesWiki/yeswiki · PoC: YesWiki/yeswiki
2026-07-09
CVE-2026-53769 MEDIUM CVSS 6.5 ⚠ EXPLOIT AVAILABLE

Avo: Direct attachment upload endpoint lacks upload authorization and bypasses field-level upload policy

PoC: avo-hq/avo
2026-07-09
CVE-2026-53932 HIGH CVSS 8 ⚠ EXPLOIT AVAILABLE

laravel-backup-restore has an OS Command Injection during database restore

PoC: stefanzweifel/laravel-backup-restore
2026-07-09
CVE-2026-53602 MEDIUM ⚠ EXPLOIT AVAILABLE

nebula-mesh: Host revocation is not durable - blocked/offboarded hosts can regain a valid certificate

PoC: forgekeep/nebula-mesh · PoC: forgekeep/nebula-mesh
2026-07-09
CVE-2026-15270 MEDIUM

A weakness has been identified in D-link DIR-823G 1.0.2B05_20181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The attack requires a high level of complexity. The exploitation appears to be difficult. The exploit has bee

2026-07-09
CVE-2026-0275 LOW

A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated administrator with access to the macOS local filesystem to perform actions on the device with root privileges. This issue only affects Prisma® Browser on macOS.

2026-07-09
CVE-2026-59149 MEDIUM

Mockoon provides way to design and run mock APIs. Prior to 9.7.0, a FILE response whose filePath embeds request data is confined by getSafeFilePath in packages/commons-server/src/libs/server/server.ts with resolvedPath.startsWith(staticBaseDir). That prefix test has no path-separator boundary, so a ../-escaped path whose absolute form string-prefixes the base directory passes, allowing an unauthen

2026-07-09
CVE-2026-59148 HIGH

Mockoon provides way to design and run mock APIs. Prior to 9.7.0, Mockoon's admin API in commons-server/src/libs/server/admin-api.ts is mounted on the same Express listener as user-defined mock routes, enabled by default in shipped runtimes, serves Access-Control-Allow-Origin: * with write methods allowed, and has no authentication. Any unauthenticated caller who can reach the mock server port can

2026-07-09
CVE-2026-58198 MEDIUM

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. Prior to 1.2.14, UbuntuCorpusTrainer.extract() uses a predictable home-rooted output directory (~/ubuntu_data/ubuntu_dialogs) with a check-then-create pattern followed by tar.extractall(path=self.data_path), allowing a local attacker who pre-plants a symlink at the predictable path to cause archive contents to b

2026-07-09
CVE-2026-13492 HIGH

The UsersWP plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 1.2.65. This is due to insufficient validation of file-field values in the UsersWP_Validation::validate_fields() function (which falls through to sanitize_text_field() for fields of type 'file', leaving directory-traversal sequences intact) combined with the UsersWP_Forms::upload_file_remove

2026-07-09
CVE-2025-63579 HIGH ⚠ EXPLOIT AVAILABLE

Unauthorized use of Kyocera printers, allows all information stored in the Kyocera address book to be exported. The security measure that encrypts incoming data ian be bypassed with this vulnerability, allowing encrypted data to be decrypted. Passwords and other sensitive information can be obtained. This affects Kyocera Command Center RX TASKalfa 2552ci, TASKalfa 3252ci, TASKalfa 2553ci, TASKalfa

PoC: barisbaydur/CVE-2025-63579
2026-07-09
CVE-2026-61343 HIGH ⚠ EXPLOIT AVAILABLE

LibreBooking's email template editor save action passes the submitted template name directly into the destination file path, allowing a remote attacker with administrator credentials to write an arbitrary file outside the template directory and execute code. Fixed in 5.1.0.

PoC: nmagill123/CVE-2026-61343-poc-librebooking-rce
2026-07-09
CVE-2026-61344 MEDIUM

The Superior Court of California Hearing Reminder Service at https://www.hrs.courts.ca.gov exposes an API endpoint that returns court reminder records containing potentially sensitive information without authentication.

2026-07-09
CVE-2026-59817 MEDIUM

Ghost is a Node.js content management system. From 6.27.0 before 6.44.0, Ghost's public donation checkout flow allowed an unauthenticated attacker to control donation checkout metadata and obtain full paid gift memberships for a minimal payment without exposing customer or member data or stealing money from a site or its members. This issue is fixed in version 6.44.0.

2026-07-09
CVE-2026-59826 CRITICAL

Metabase is an open-source business intelligence and embedded analytics tool. From 1.55.0 until 1.58.15.1, 1.59.12, 1.60.6.3, and 1.61.2, Metabase did not validate unsafe H2 connection properties on one database-creation code path, allowing an authenticated administrator to register a crafted H2 database connection and execute arbitrary Java code on the Metabase server. This issue is fixed in vers

2026-07-09
CVE-2026-59720 HIGH

Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, mock server creation in mock-server.service.ts does not persist the isPublic input field while schema.prisma defaults isPublic to true, causing mock servers linked to private collections to be publicly accessible without authentication and potentially expose sensitive API data. This issue is fixed in version 2026.6.0.

2026-07-09
CVE-2026-59827 CRITICAL

Metabase is an open-source business intelligence and embedded analytics tool. Prior to 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4, Metabase instances with an H2 database connection, including the default sample database, deserialize arbitrary Java objects returned in H2 native query result columns of type OTHER without validation, allowing an authenticated user who can run native H2 queries to execu

2026-07-09
CVE-2026-59734 HIGH

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, Coolify's app/Jobs/ApplicationDeploymentJob.php generate_healthcheck_commands() function directly interpolated the health_check_host, health_check_method, and health_check_path parameters into shell commands without proper sanitization, allowing authenticated users to execut

2026-07-09
CVE-2026-59726 CRITICAL

Ruflo is an agent meta-harness for Claude Code and Codex. Prior to 3.16.3, ruflo's default docker-compose deployment exposed the MCP bridge POST /mcp and POST /mcp/:group endpoints without authentication, allowing an unauthenticated network attacker to invoke tools/call to terminal_execute, obtain a shell in the bridge container, read provider API keys, and poison AgentDB learning-store patterns.

2026-07-09
CVE-2026-59721 HIGH

Hoppscotch is an open source API development ecosystem. Prior to 2026.6.0, the updateInfraConfigs GraphQL mutation in admin/infra.resolver.ts accepts an attacker-controlled MAILER_SMTP_URL value, and validateSMTPUrl in utils.ts permits path, query, or fragment content that nodemailer parses into sendmail transport options, allowing an admin to execute arbitrary commands as root in the backend cont

2026-07-09
CVE-2026-59221 HIGH CVSS 7.7 ⚠ EXPLOIT AVAILABLE

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, _sanitize_proxy_path in backend/open_webui/routers/terminals.py decoded proxy paths only eight times, allowing a nine-times percent-encoded ../ traversal value to pass normalization checks and be decoded by the upstream terminal server. This issue is fixed in version 0.10.0.

PoC: open-webui/open-webui · PoC: open-webui/open-webui
2026-07-09
CVE-2026-58378 HIGH

Allwinner H616 TV Box TV98 has ADB enabled and exposed to the network on production. An attacker could request for ADB authorization and gain root level privileges if the victim allows access.

2026-07-09
CVE-2026-55420 HIGH

Discourse is an open-source discussion platform. Prior to 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5, under certain non-default configurations, processing of PDF uploads could be exploited to obtain RCE on the server. This issue is patched in 2026.6.0, 2026.5.1, 2026.4.2, and 2026.1.5.

2026-07-09
CVE-2026-43752 MEDIUM

An authenticated administrator may be able to achieve arbitrary code execution on the host system by uploading a malicious file through the Open Source LLM setup feature in the Admin Console. This vulnerability has been addressed in FileMaker Server 26.0.1.

2026-07-09
CVE-2026-15202 LOW

A security vulnerability has been detected in YzmCMS up to 7.5. Affected is the function get_url of the file /yzmphp/yzmphp.php of the component Header Handler. The manipulation of the argument HTTP_HOST leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respo

2026-07-09
CVE-2026-15195 LOW

A weakness has been identified in apidevtools json-schema-ref-parser up to 15.3.5. This impacts the function Refs.set/Pointer.set in the library lib/pointer.ts. Executing a manipulation can lead to improperly controlled modification of object prototype attributes. The attack can be launched remotely. Upgrading to version 15.3.6 will fix this issue. This patch is called a786bc6afc3674f650496472ee93

2026-07-09
CVE-2026-15204 MEDIUM

A vulnerability was detected in TOTOLINK X5000R 9.1.0cu.2415_B20250515/9.1.0cu.2350_B20230313. Affected by this vulnerability is the function exportOvpn of the file /web/cgi-bin/cstecgi.cgi of the component OpenVPN Export. The manipulation results in path traversal. The attack may be launched remotely.

2026-07-09
CVE-2026-14278 MEDIUM

Description Rejected reason: After further coordination, CVE was determined to not be warranted.

2026-07-09
CVE-2026-59715 LOW CVSS 3.1 ⚠ EXPLOIT AVAILABLE

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.16 before 0.10.0, the Socket.IO server is configured with always_connect=True. The ydoc:awareness:update and ydoc:document:leave Socket.IO handlers accepted collaborative-document events without requiring an authenticated user, allowing unauthorized manipulation of document collaboration state. This issu

PoC: open-webui/open-webui · PoC: open-webui/open-webui
2026-07-09
CVE-2026-59227 MEDIUM CVSS 4.3 ⚠ EXPLOIT AVAILABLE

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.11 before 0.10.0, POST /api/v1/images/edit required only a verified account and did not enforce the global image-edit switch or the per-user image-generation permission, allowing a non-admin user to invoke server-side image editing with administrator-configured provider credentials. This issue is fixed i

PoC: open-webui/open-webui · PoC: open-webui/open-webui
2026-07-09
CVE-2026-59226 LOW CVSS 3.1 ⚠ EXPLOIT AVAILABLE

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0, execute_automation rehydrated automation owners without rechecking that they were still active or still had features.automations, and check_model_access only enforced private-model grants for the exact user role, allowing deactivated pending users to continue scheduled model execution. T

PoC: open-webui/open-webui · PoC: open-webui/open-webui
2026-07-09
CVE-2026-59225 MEDIUM CVSS 5.4 ⚠ EXPLOIT AVAILABLE

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.8.12 before 0.10.0, an authenticated non-admin user with read access to an arena wrapper model can reach a restricted underlying model through task endpoints such as /api/v1/tasks/moa/completions. The normal chat route resolves arena models before the final chat dispatch and therefore re-checks the selecte

PoC: open-webui/open-webui · PoC: open-webui/open-webui
2026-07-09
CVE-2026-59222 MEDIUM

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.7.0 before 0.10.0, GET /api/v1/channels//members returned full UserModelResponse objects for channel members, including settings.ui.toolServers[].key and webhook configuration, allowing a normal channel participant to retrieve other users’ sensitive settings. This issue is fixed in version 0.10.0.

2026-07-09
CVE-2026-59224 HIGH

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, backend/open_webui/routers/terminals.py built the ws_terminal upstream URL from an unencoded session_id and appended user_id as a query parameter, allowing query injection to make the terminal backend resolve another user identity; the HTTP proxy path also forwarded X-User-Id as an integrity-unbo

2026-07-09
CVE-2026-59223 MEDIUM

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, WEB_FETCH_FILTER_LIST matching compared configured host entries against URL strings and non-label-boundary suffixes, allowing path-based blocklist bypasses such as !internal.example.com in a URL path and sibling-domain matches that did not reflect the intended hostname policy. This issue is fixed

2026-07-09
CVE-2026-59220 MEDIUM

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.2 before 0.10.0, the SKILL_MENTION_RE and strip_re regular expressions in backend/open_webui/utils/middleware.py parsed skill mentions with overlapping quantifiers, allowing an authenticated chat message containing to trigger quadratic backtracking and block the asyncio event loop. This issue is fixed in

2026-07-09
CVE-2026-59218 MEDIUM

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the /api/v1/auths/signin endpoint looked users up by email and only ran bcrypt password verification when a credential existed, making registered-account attempts measurably slower than missing-email attempts and allowing unauthenticated account enumeration. This issue is fixed in version 0.10.0.

2026-07-09
CVE-2026-59217 MEDIUM

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, the file upload path accepted metadata.knowledge_id and auto-linked uploaded files to a target knowledge base without applying the write-access check used by /api/v1/knowledge//file/add, allowing read-only knowledge-base users to add arbitrary files. This issue is fixed in version 0.10.0.

2026-07-09
CVE-2026-59213 LOW

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.6.27 before 0.10.0, get_all_models handlers in routers/openai.py and routers/ollama.py passed a lambda to aiocache key instead of key_builder, causing permission-filtered per-user model lists to share a static cache entry and exposing one user’s model list to another caller during the TTL window. This issu

2026-07-09
CVE-2026-59215 LOW

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, channel thread parent and reply handling did not bind parent_id to the channel in the URL, allowing an authenticated user to reference a message from another private or DM channel and disclose thread context across channels. This issue is fixed in version 0.10.0.

2026-07-09
CVE-2026-59216 HIGH

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, get_event_call delivered execute:python and execute:tool Socket.IO events to a client-supplied session_id after checking only that the session was connected, allowing authenticated users who learned another socket ID through ydoc:document:join to run code interpreter Python or tools in that user

2026-07-09
CVE-2026-59214 HIGH

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, Open WebUI runs client-side Python with Pyodide in a same-origin web worker, allowing stored chat payloads that use pyodide.http.pyfetch or the js module fetch and XMLHttpRequest APIs to issue authenticated same-origin requests when a victim clicks Run, which can reach admin-only endpoints and ex

2026-07-09
CVE-2026-59219 HIGH

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.0 before 0.10.0 with Redis configured, Socket.IO connect, user-join, join-channels, join-note, and the terminal websocket first-message authentication used decode_token without the Redis-backed is_valid_token revocation check, allowing revoked JWTs to continue authenticating realtime connections. This is

2026-07-09
CVE-2026-53987 HIGH

The Tag plugin for GLPI 11 before 2.14.4 stores the tag name without HTML sanitization and renders it into the Kanban badge markup via PluginTagTag::preKanbanContent() without output escaping, resulting in stored cross-site scripting. An authenticated user with TAG MANAGEMENT create or update rights can set a tag name containing HTML, which then executes in the browser of any user who opens the Ka

2026-07-09
CVE-2026-51606 HIGH

An improper input handling vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91) causes the device to abruptly terminate the TCP connection with a RST packet when a request containing an oversized field value is received, without returning any RFC 2326-compliant error response. This behavior affects the request-line URL field and header field values across multiple RTSP request

2026-07-09
CVE-2026-59209 HIGH

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated member with use-only editor access to a shared workflow could read credential-populated headers exposed via the $request object inside an HTTP Request node's pagination expression and exfiltrate the secret through item data. This issue is fixed in versions 1.123.61, 2.27.4, and 2.28.1.

2026-07-09
CVE-2026-59212 MEDIUM

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. From 0.9.6 before 0.10.0, _verify_knowledge_file_access only checked read access while file write and delete routes later trusted object-derived access through writable model meta.knowledge entries, allowing a user with read-only knowledge file access to upgrade to file write or delete operations. This issue is f

2026-07-09
CVE-2026-51605 HIGH

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.991) allows an unauthenticated remote attacker to cause a denial of service via a crafted TEARDOWN request.

2026-07-09
CVE-2026-58459 HIGH

gpsd through release-3.27.5, fixed at commit 4c06658, contains a command injection vulnerability in gpsprof that allows attackers who control the GPS device subtype value to execute arbitrary shell commands by embedding backtick payloads in the gnuplot plot title without proper escaping. The subtype field sourced from a DEVICES JSON log entry or NMEA PGRMT sentence is written into a generated gnup

2026-07-09
CVE-2026-51603 HIGH

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91) allows an unauthenticated remote attacker to cause a denial of service via a crafted second SETUP request. After completing the OPTIONS, DESCRIBE, and a legitimate first SETUP request to obtain a valid session ID, the RTSP service's second-stage URL routing parser fails to validate the length of

2026-07-09
CVE-2026-51604 HIGH

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91) allows an unauthenticated remote attacker to cause a denial of service via a crafted PLAY request.

2026-07-09
CVE-2026-51601 HIGH

Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handshake can send a PLAY request with an excessively long clock= value to cause the RTSP service to crash.

2026-07-09
CVE-2026-51599 MEDIUM

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding message body. The affected RTSP parser enters a body-waiting state instead of rejecting the malformed

2026-07-09
CVE-2026-51597 MEDIUM

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without knowledge of the device credentials, gaining unauthorized access to the live video stream.

2026-07-09
CVE-2026-51598 MEDIUM

An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n) allows an unauthenticated, network-adjacent attacker to cause a denial of service via a crafted DESCRIBE request with a malformed URL in the request line.

2026-07-09
CVE-2026-51602 HIGH

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91) allows an unauthenticated remote attacker to cause a denial of service via a crafted SETUP request. The RTSP service's second-stage URL routing parser fails to validate the length of the URL field in the first SETUP request. By supplying a URL consisting of exactly four consecutive repetitions o

2026-07-09
CVE-2026-51600 HIGH

Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP requests (including DESCRIBE, SETUP, and PLAY methods). When a request carrying a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting state, causing the affected TCP connection to become permanently non-functional. The device does not ac

2026-07-09
CVE-2026-15194 LOW

A security flaw has been discovered in Open5GS 2.7.7. This affects the function amf_context_final of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and may be used for attacks.

2026-07-09
CVE-2026-15308 HIGH

The incremental HTML parser (html.parser.HTMLParser) allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data.

2026-07-09
CVE-2026-15190 MEDIUM

A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown part of the file /login.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

2026-07-09
CVE-2026-15192 MEDIUM

A vulnerability has been found in mettle sendportal up to 3.0.1. This issue affects the function sendgrid/postmark/postal/mailjet of the component APIv1 Webhooks. The manipulation leads to missing authentication. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but

2026-07-09
CVE-2026-15193 LOW

A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The pull request to f

2026-07-09
CVE-2026-15191 LOW

A flaw has been found in mettle sendportal up to 3.0.1. This vulnerability affects unknown code of the file vendor/mettle/sendportal-core/src/Http/Requests/CampaignStoreRequest.php of the component Campaign Creation Endpoint. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of th

2026-07-09
CVE-2026-13462 HIGH

PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends.

2026-07-09
CVE-2026-13461 CRITICAL

When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange version 7.0.7 app. The injection of specific JavaScript function calls allows the attacker to escape the WebView sandbox and perform a number of dangerous actions on the user's device.

2026-07-09
CVE-2026-61474 MEDIUM

An improper authorization check in MISP’s attribute creation endpoint allowed an authenticated user with permission to add attributes to submit a sharing_group_id without triggering the corresponding sharing group authorization check, as long as the attribute distribution value was not explicitly set to 4 — “sharing group”. As a result, a user could reference or associate an attribute with a shari

2026-07-09
CVE-2026-59208 HIGH

n8n is an open source workflow automation platform. Prior to 2.27.4 and from 2.28.0 prior to 2.28.1, n8n instances configured with more than one trusted token-exchange issuer resolved external identities to local accounts using only the JWT sub claim and ignored the iss claim, allowing an attacker with a valid token from one trusted issuer and a sub matching a victim under another issuer to authen

2026-07-09
CVE-2026-59206 HIGH

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated user with the default workflow:create permission could pollute Object.prototype through a crafted workflow saved, updated, or imported via the workflow API, allowing unauthenticated requests to be treated as a privileged user and exposing user and project listing endpoints. This issue is fi

2026-07-09
CVE-2026-59207 HIGH

n8n is an open source workflow automation platform. Prior to 2.27.4 and 2.28.1, the AI Agents feature did not enforce the Allowed HTTP Request Domains restriction configured on credentials when an MCP tool was pointed at an arbitrary URL, allowing a member-level user with use-only access to a shared credential to send its secret to an external server they control. This issue is fixed in versions 2

2026-07-09
CVE-2026-58125 MEDIUM

Description Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

2026-07-09
CVE-2026-42486 CRITICAL

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-release/rbac-overview.html#rbac-roles The pool-admin role is fully privileged. Notably, users with this rol

2026-07-09
CVE-2026-23561 CRITICAL

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-release/rbac-overview.html#rbac-roles The pool-admin role is fully privileged. Notably, users with this rol

2026-07-09
CVE-2026-23562 CRITICAL

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-release/rbac-overview.html#rbac-roles The pool-admin role is fully privileged. Notably, users with this rol

2026-07-09
CVE-2026-15187 LOW

A security flaw has been discovered in enquirer up to 2.4.1. Affected is the function Enquirer.set of the component Public Package API. The manipulation of the argument question.name results in improperly controlled modification of object prototype attributes. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The project was informed of t

2026-07-09
CVE-2026-23560 CRITICAL

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-release/rbac-overview.html#rbac-roles The pool-admin role is fully privileged. Notably, users with this rol

2026-07-09
CVE-2026-15188 LOW

A weakness has been identified in manjurulhoque django-job-portal up to dfa352f305bba44445ac5dc12e9b2a98c9dcd71f. Affected by this vulnerability is the function EditEmployeeProfileAPIView of the file accounts/api/views.py of the component Employee Dashboard Endpoint. This manipulation of the argument role causes improper access controls. The attack may be initiated remotely. The exploit has been m

2026-07-09
CVE-2026-23559 CRITICAL

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-release/rbac-overview.html#rbac-roles The pool-admin role is fully privileged. Notably, users with this rol

2026-07-09
CVE-2026-15189 MEDIUM

A security vulnerability has been detected in aerostackdev aerostack-mcp up to 6315dfde7df0a15aaf743f88d91347115e09ba23. Affected by this issue is the function upload_media of the component mcp-whatsapp. Such manipulation of the argument media_url leads to server-side request forgery. The attack may be launched remotely. This product operates on a rolling release basis, ensuring continuous deliver

2026-07-09
CVE-2026-23556 CRITICAL

When oxenstored is tearing a domain down, the node data is cleaned up but the usage counts are leaked. When the domain ID is eventually reused, the new domain can create fewer nodes before beeing deemed to be over quota.

2026-07-09
CVE-2026-11404 HIGH

Cesanta Mongoose before 7.22 contains an out-of-bounds read in the built-in TLS server function mg_tls_server_recv_hello(), which uses an attacker-controlled session_id_len byte from a TLS ClientHello as a buffer index without validating it against the length of received data. A remote, unauthenticated attacker can send a single crafted ClientHello with an oversized session id length to read past

2026-07-09
CVE-2025-27464 CRITICAL

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. These are: 1. XenCons, CVE-2025-27462 2. XenIface, CVE-2025-27463 3. XenBus, CVE-2025-27464

2026-07-09
CVE-2025-58151 CRITICAL

varstored is a component of the Xapi toolstack handling UEFI Variables for a VM. It has a communication path with OVMF inside the VM involving mapping a buffer prepared by OVMF. Within varstored, there were insufficient compiler barriers, creating TOCTOU issues with data in the shared buffer. The exact vulnerable behaviour depends on the code generated by the compiler. In a build of varstored usin

2026-07-09
CVE-2025-27462 CRITICAL

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. These are: 1. XenCons, CVE-2025-27462 2. XenIface, CVE-2025-27463 3. XenBus, CVE-2025-27464

2026-07-09
CVE-2025-58146 CRITICAL

There are multiple issues. 1. Updates to the XAPI database sanitise input strings, but try generating the notification using the unsanitised input. This causes the database's event thread to terminate and cease further processing. 2. XAPI's UTF-8 encoder implements v3.0 of the Unicode spec, but XAPI uses libraries which conform to the stricter v3.1 of the Unicode spec. This causes some strings to

2026-07-09
CVE-2025-27463 CRITICAL

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] The Windows PV drivers expose various facilities to userspace. Several of these have no security descriptor, and are therefore fully accessible to unprivileged users. These are: 1. XenCons, CVE-2025-27462 2. XenIface, CVE-2025-27463 3. XenBus, CVE-2025-27464

2026-07-09
CVE-2026-60108 HIGH

Zeek before 8.0.9 contains an uncontrolled memory consumption vulnerability in the FTP analyzer that allows unauthenticated remote attackers to cause process termination by sending a crafted FTP control session negotiating AUTH GSSAPI followed by a large ADAT control line. Attackers can exploit the NVT_Analyzer component's lack of a maximum line length check, causing it to continuously double its

2026-07-09
CVE-2026-60109 HIGH

Zeek before 8.0.9 contains a null pointer dereference vulnerability in its Kerberos protocol analyzer that allows unauthenticated remote attackers to crash the sensor by sending a crafted KRB_ERROR message with error-code 25 (KDC_ERR_PREAUTH_REQUIRED) containing a PA-DATA element with padata-type 2, 3, 11, or 19. Attackers can exploit a parser and analyzer state mismatch where proc_padata() derefe

2026-07-09
CVE-2026-5005 MEDIUM

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Twiser Informatics Technology Consulting, Trade and Education Inc. OKRs & Goals allows Stored XSS. This issue affects OKRs & Goals: from 28220 before 28398.

2026-07-09
CVE-2026-56292 CRITICAL

A SQLi vulnerability in AcyMailing component

2026-07-09
CVE-2026-54800 MEDIUM

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions

2026-07-09
CVE-2026-54798 HIGH

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions

2026-07-09
CVE-2026-54801 HIGH

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions

2026-07-09
CVE-2026-54799 HIGH

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions

2026-07-09
CVE-2026-60095 MEDIUM

Vinchin Backup & Recovery through 9.0.0.86562 contains a stack buffer overflow vulnerability in the ModuleHandShake function of the agentlink_server service that allows unauthenticated remote attackers to overwrite the saved return address by supplying an oversized _listen_uuid field that is measured via strlen() and copied without bounds checking into a fixed-length stack buffer using strcpy(). A

2026-07-09
CVE-2026-60094 MEDIUM

Vinchin Backup & Recovery through 9.0.0.86562 contains a heap buffer overflow vulnerability that allows unauthenticated remote attackers to cause process crash or memory corruption by sending a malformed TCP packet with an unchecked body_len field to the agentlink_server service. Attackers can craft a malicious packet that passes an attacker-controlled length directly to recv(), triggering a heap

2026-07-09
CVE-2026-4256 HIGH

Improper neutralization of special elements used in an LDAP query ('LDAP injection') vulnerability in PEAKUP Technology Inc. PassGate allows LDAP Injection. This issue affects PassGate: through 30042026.

2026-07-09
CVE-2026-15186 LOW

A vulnerability was identified in macrozheng mall up to 1.0.3. This impacts an unknown function of the file /returnApply/create of the component Portal Endpoint. The manipulation of the argument orderId leads to improper control of resource identifiers. The attack can be initiated remotely. The exploit is publicly available and might be used. The vendor deleted the GitHub issue for this vulnerabil

2026-07-09
CVE-2026-15185 LOW

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsub_read_idx of the file /src/media_tools/vobsub.c of the component MP4Box. Executing a manipulation of the argument num_langs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. This patch is called 532097084729a936bcdf6a27c41003f3bd7dc3f

2026-07-09
CVE-2026-14261 CRITICAL

A vulnerability in the Xerte Online Tools allows for authentication bypass and remote code execution via reinstallation through the /setup/ folder, enabling attackers to reinstall the service to a remote database they control.

2026-07-09
CVE-2026-12879 MEDIUM

An Improper Input Validation vulnerability in BigQuery DAO in Google Cloud Apigee versions prior to 2026-06-12 on Google Cloud Platform allows an authenticated attacker to exfiltrate cross-tenant data. This vulnerability was patched on 12 June 2026 on the Apigee Servers, and no customer action is needed.

2026-07-09