CVEs from 2026
Total
13,362
critical
critical 1,116
high
high 3,953
medium
medium 4,013
low
low 420
% Critical
8.4%
% with KEV
0.4%
% with exploit
0.4%
Top products
- chrome 299
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 221
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-44796 | medium | 6.5 | 6.5 | 15d ago | Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, Nautobot UI object-bulk-rename endpoints (for example, /dcim/interfaces/rename/) were vulnerable to a… | |
| CVE-2026-4608 | medium | 6.5 | 6.5 | 15d ago | The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind SQL Injection via the 'rid' parameter in all versions up to, and including, 5.9.8.4 due to insuffic… | |
| CVE-2026-37429 | medium | 6.5 | 6.5 | 15d ago | qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysUserMapper.xml file. This vulnerability allows attackers to access sensitive dat… | |
| CVE-2026-37428 | medium | 6.5 | 6.5 | 15d ago | qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysDeptMapper.xml file. This vulnerability allows attackers to access sensitive dat… | |
| CVE-2026-25107 | medium | 6.5 | 6.5 | 15d ago | ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of… | |
| CVE-2026-5545 | medium | 6.5 | 6.5 | 15d ago | libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTP(S) request after a Negotiate-authenticated one, when both use the same host. libcurl features a … | |
| CVE-2026-4782 | medium | 6.5 | 6.5 | 15d ago | The Avada Builder plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.15.2 via the 'fusion_get_svg_from_file' function with the 'custom_svg' parameter of… | |
| CVE-2026-7619 | medium | 6.5 | 6.5 | 16d ago | The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, a… | |
| CVE-2026-8336 | medium | 6.5 | 6.5 | 16d ago | After invoking $_internalJsEmit, which is not intended to be directly accessible, or mapreduce command’s map function in a certain way, an authenticated user can subsequently crash mongod when the se… | |
| CVE-2026-8202 | medium | 6.5 | 6.5 | 16d ago | Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilizatio… | |
| CVE-2026-8199 | medium | 6.5 | 6.5 | 16d ago | An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and … | |
| CVE-2026-28942 | medium | 6.5 | 6.5 | 16d ago | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processin… | |
| CVE-2026-28902 | medium | 6.5 | 6.5 | 16d ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously c… | |
| CVE-2026-28946 | medium | 6.5 | 6.5 | 16d ago | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, macOS Tahoe 26.5. Processing maliciously crafted web content may lead to an unexpected Safari… | |
| CVE-2026-28903 | medium | 6.5 | 6.5 | 16d ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS … | |
| CVE-2026-44347 | medium | 6.5 | 6.5 | 16d ago | Warpgate is an open source SSH, HTTPS and MySQL bastion host for Linux. Prior to 0.23.3, the SSO flow does not validate the state parameter, which makes it possible for an attacker to trick a user in… | |
| CVE-2026-44223 | medium | 6.5 | 6.5 | 16d ago | vLLM is an inference and serving engine for large language models (LLMs). From to before 0.20.0, the extract_hidden_states speculative decoding proposer in vLLM returns a tensor with an incorrect sh… | |
| CVE-2026-44204 | medium | 6.5 | 6.5 | 16d ago | Shelf is a platform for tracking physical assets. From 1.12 to before 1.20.1, a SQL injection vulnerability in the sortBy query parameter on the /assets route allows any authenticated user (any role)… | |
| CVE-2026-42891 | medium | 6.5 | 6.5 | 16d ago | User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | |
| CVE-2026-42830 | medium | 6.5 | 6.5 | 16d ago | Untrusted search path in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. | |
| CVE-2026-42175 | medium | 6.5 | 6.5 | 16d ago | requests-hardened is Vulnerable to Server-Side Request Forgery | |
| CVE-2026-40374 | medium | 6.5 | 6.5 | 16d ago | Exposure of sensitive information to an unauthorized actor in Power Automate allows an authorized attacker to disclose information over a network. | |
| CVE-2026-35422 | medium | 6.5 | 6.5 | 16d ago | Authentication bypass using an alternate path or channel in Windows TCP/IP allows an authorized attacker to bypass a security feature over a network. | |
| CVE-2026-34350 | medium | 6.5 | 6.5 | 16d ago | Null pointer dereference in Windows Storport Miniport Driver allows an unauthorized attacker to deny service over a network. | |
| CVE-2026-31244 | medium | 6.5 | 6.5 | 16d ago | The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint (DELETE /memories/{memory_id}). The endpoint allows unauthenticated users to delete arbitrar… | |
| CVE-2026-31243 | medium | 6.5 | 6.5 | 16d ago | The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacke… | |
| CVE-2026-31241 | medium | 6.5 | 6.5 | 16d ago | mem0 server lacks authentication and authorization controls for its memory deletion API endpoint | |
| CVE-2026-25690 | medium | 6.5 | 6.5 | 16d ago | An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2… | |
| CVE-2026-40300 | medium | 6.5 | 6.5 | 16d ago | Zulip is an open-source team collaboration tool. Prior to 12.0, With message_edit_history_visibility_policy set to "moves", /api/v1/messages/{id}/history still returns historical content values, allo… | |
| CVE-2026-8368 | medium | 6.5 | 6.5 | 16d ago | LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before … | |
| CVE-2026-8109 | medium | 6.5 | 6.5 | 16d ago | An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials. | |
| CVE-2026-40016 | medium | 6.5 | 6.5 | 16d ago | Attacker can upload a malicious Sieve script over ManageSieve service (or locally) to bypass configured CPU time limits for Sieve up to 130 times of the configured limit. Attacker can use this to deg… | |
| CVE-2026-6402 | medium | 6.5 | 6.5 | 17d ago | webpack-dev-server vulnerable to cross-origin source code exposure on non-HTTPS origins | |
| CVE-2026-5028 | medium | 6.5 | 6.5 | 17d ago | The Eight Day Week Print Workflow plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'title' parameter in the `pp-get-articles` AJAX action in all versions up to, and includ… | |
| CVE-2026-7255 | medium | 6.5 | 6.5 | 17d ago | ** UNSUPPORTED WHEN ASSIGNED ** An improper restriction of excessive authentication attempts vulnerability in the web management interface of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could a… | |
| CVE-2026-40135 | medium | 6.5 | 6.5 | 17d ago | An OS Command Injection vulnerability exists in the SAP NetWeaver Application Server for ABAP and ABAP Platform that allows an authenticated attacker with administrative access to execute specially c… | |
| CVE-2026-7010 | medium | 6.5 | 6.5 | 17d ago | HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host t… | |
| CVE-2026-44695 | medium | 6.5 | 6.5 | 17d ago | Outline is a service that allows for collaborative documentation. Prior to 1.7.1, the Slack integration callback for GET /auth/slack.post accepts an unsigned, session-independent OAuth state value. A… | |
| CVE-2026-43889 | medium | 6.5 | 6.5 | 17d ago | Outline is a service that allows for collaborative documentation. Prior to 1.7.0, the shares.create API accepts both collectionId and documentId simultaneously and, when published=false, only verifie… | |
| CVE-2026-34960 | medium | 6.5 | 6.5 | 17d ago | barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type() function that fails to verify the options pointer remains within … | |
| CVE-2026-42883 | medium | 6.5 | 6.5 | 17d ago | Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in t… | |
| CVE-2026-42316 | medium | 6.5 | 6.5 | 17d ago | kafka-sink-azure-kusto Kafka Connect plugin is the official Microsoft sink for Azure Data Explorer (Kusto). Prior to 5.2.3, kafka-sink-azure-kusto did not sanitize user-controlled values inside the k… | |
| CVE-2026-42315 | medium | 6.5 | 6.5 | 17d ago | pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the set_package_data() API function call inside the data object with key "_… | |
| CVE-2026-42314 | medium | 6.5 | 6.5 | 17d ago | pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, package folder names are sanitized using insufficient string replacement. The pattern ....// becomes .._ … | |
| CVE-2026-8292 | medium | 6.5 | 6.5 | 17d ago | A security vulnerability has been detected in Open5GS up to 2.7.7. The affected element is the function yuarel_parse in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argu… | |
| CVE-2026-8291 | medium | 6.5 | 6.5 | 17d ago | A weakness has been identified in Open5GS up to 2.7.7. Impacted is the function ogs_nnrf_nfm_handle_nf_profile of the file lib/sbi/nnrf-handler.c of the component NRF. This manipulation causes denial… | |
| CVE-2026-7820 | medium | 6.5 | 6.5 | 17d ago | pgAdmin 4: Improper restriction of excessive authentication attempts | |
| CVE-2026-7817 | medium | 6.5 | 6.5 | 17d ago | pgAdmin 4 contains local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities | |
| CVE-2026-44199 | medium | 6.5 | 6.5 | 17d ago | Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to form pages could delete submissions to form pages they don't hav… | |
| CVE-2026-44197 | medium | 6.5 | 6.5 | 17d ago | Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability to edit a page could access revisions of the page through the revis… | |
| CVE-2026-31246 | medium | 6.5 | 6.5 | 17d ago | GPT-Pilot contains a command injection vulnerability in the Executor.run() method | |
| CVE-2026-8290 | medium | 6.5 | 6.5 | 17d ago | A security flaw has been discovered in Open5GS up to 2.7.7. This issue affects the function smf_nsmf_handle_update_data_in_vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipulat… | |
| CVE-2026-8289 | medium | 6.5 | 6.5 | 17d ago | A vulnerability was identified in Open5GS up to 2.7.7. This vulnerability affects the function smf_nsmf_handle_update_data_in_vsmf of the file /src/smf/nsmf-handler.c of the component SMF. The manipu… | |
| CVE-2026-8288 | medium | 6.5 | 6.5 | 17d ago | A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsm_handle_pdu_session_modification_qos_flow_descriptions of the file src/smf/gsm-handler.c of the component SMF. Exec… | |
| CVE-2026-43826 | medium | 6.5 | 6.5 | 18d ago | The OpenSearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:password@server.example.com:9200`), wrote the full host URL — including the embed… | |
| CVE-2026-41018 | medium | 6.5 | 6.5 | 18d ago | The Elasticsearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:password@server.example.com:9200`), wrote the full host URL — including the em… | |
| CVE-2026-5084 | medium | 6.5 | 6.5 | 18d ago | WebDyne::Session versions through 2.075 for Perl generates the session id insecurely. The session handler generates the session id from an MD5 hash seeded with a call to the built-in rand() function… | |
| CVE-2026-8270 | medium | 6.5 | 6.5 | 18d ago | A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_nas_parse_qos_rules of the component SMF. Executing a manipulation can lead to denial of service. The a… | |
| CVE-2026-8269 | medium | 6.5 | 6.5 | 18d ago | A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function smf_nsmf_handle_create_sm_context of the component SMF. Performing a manipulation results in denial of service. Remote explo… | |
| CVE-2026-8268 | medium | 6.5 | 6.5 | 18d ago | A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPI_list_create of the component SMF. Such manipulation leads to denial of service. The attack may be launch… | |
| CVE-2026-8267 | medium | 6.5 | 6.5 | 18d ago | A flaw has been found in Open5GS up to 2.7.7. This vulnerability affects the function smf_nsmf_handle_created_data_in_vsmf of the component SMF. This manipulation causes denial of service. The attack… | |
| CVE-2026-8266 | medium | 6.5 | 6.5 | 18d ago | A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsm_build_pdu_session_establishment_accept of the file /src/smf/gsm-build.c of the component SMF. The manipulation resul… | |
| CVE-2026-8252 | medium | 6.5 | 6.5 | 18d ago | A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smf_nsmf_handle_create_data_in_hsmf of the component SMF. Executing a manipulation can lead to null pointer dereference… | |
| CVE-2026-28956 | medium | 6.5 | 6.5 | 18d ago | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, vision… | |
| CVE-2026-28972 | medium | 6.5 | 6.5 | 18d ago | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, ma… | |
| CVE-2026-28920 | medium | 6.5 | 6.5 | 18d ago | An information leakage was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe … | |
| CVE-2026-28918 | medium | 6.5 | 6.5 | 18d ago | An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Parsing a malicio… | |
| CVE-2026-28878 | medium | 6.5 | 6.5 | 18d ago | A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.7, macOS Sonoma 14.8.5, macOS Tahoe 26.4, t… | |
| CVE-2026-28922 | medium | 6.5 | 6.5 | 18d ago | This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to access private information. | |
| CVE-2026-8251 | medium | 6.5 | 6.5 | 18d ago | A vulnerability was found in Open5GS up to 2.7.7. This impacts the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component SMF. Performing a manipulation resu… | |
| CVE-2026-8250 | medium | 6.5 | 6.5 | 18d ago | A vulnerability has been found in Open5GS up to 2.7.7. This affects the function smf_n4_build_qos_flow_to_modify_list of the file /src/smf/n4-build.c of the component SMF. Such manipulation leads to … | |
| CVE-2026-8249 | medium | 6.5 | 6.5 | 18d ago | A flaw has been found in Open5GS up to 2.7.7. The impacted element is the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component SMF. This manipulation cause… | |
| CVE-2026-8248 | medium | 6.5 | 6.5 | 18d ago | A vulnerability was detected in Open5GS up to 2.7.7. The affected element is the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component SMF. The manipulation… | |
| CVE-2026-45191 | medium | 6.5 | 6.5 | 18d ago | Net::CIDR::Lite versions before 0.24 for Perl does not properly consider extraneous zero characters in CIDR mask values, which may allow IP ACL bypass. Mask forms like "/00" and "/01" pass validatio… | |
| CVE-2026-45190 | medium | 6.5 | 6.5 | 18d ago | Net::CIDR::Lite versions before 0.24 for Perl does not properly validate IP address and CIDR mask inputs, which may allow IP ACL bypass. Inputs containing a trailing newline or non-ASCII digit chara… | |
| CVE-2026-7259 | medium | 6.5 | 6.5 | 19d ago | In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, a mismatch between encoding lists in Oniguruma and mbfl leads to a NULL pointer dereference, re… | |
| CVE-2026-45184 | medium | 6.5 | 6.5 | 19d ago | Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used. | |
| CVE-2026-45181 | medium | 6.5 | 6.5 | 19d ago | Hex-Rays IDA Pro 9.2 and 9.3 before 9.3sp2 does not block Clang dependency-file generation (via argument injection), which allows attackers to place their code into a plugins directory if the victim … | |
| CVE-2026-42576 | medium | 6.5 | 6.5 | 19d ago | apko `DiscoverKeys` has a panic on non-rsa jwks key that causes crash during key discovery | |
| CVE-2026-42183 | medium | 6.5 | 6.5 | 20d ago | Argo Affected by SSO RBAC Delegation Nil Pointer Dereference DoS (gatekeeper.go) | |
| CVE-2026-41311 | medium | 6.5 | 6.5 | 20d ago | liquidjs has a Denial of Service via circular block reference in layout | |
| CVE-2026-42346 | medium | 6.5 | 6.5 | 20d ago | Postiz is an AI social media scheduling tool. From version 2.16.6 to before version 2.21.7, all SSRF protections added in v2.21.4–v2.21.6 share a fundamental TOCTOU (Time-of-Check-Time-of-Use) vulner… | |
| CVE-2026-42209 | medium | 6.5 | 6.5 | 20d ago | FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both set_retained_mes… | |
| CVE-2026-44200 | medium | 6.5 | 6.5 | 20d ago | Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to pages could copy a page they don't have access to to an area of … | |
| CVE-2026-42181 | medium | 6.5 | 6.5 | 20d ago | Lemmy has SSRF and internal image disclosure in post link metadata via unvalidated og:image | |
| CVE-2026-41885 | medium | 6.5 | 6.5 | 20d ago | i18next-locize-backend has URL Injection via Unsanitized Path Parameters | |
| CVE-2026-41585 | medium | 6.5 | 6.5 | 20d ago | Zebra Vulnerable to Denial of Service via Interrupted JSON-RPC Requests from Authenticated Clients | |
| CVE-2026-41308 | medium | 6.5 | 6.5 | 20d ago | Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated cre… | |
| CVE-2026-42277 | medium | 6.5 | 6.5 | 21d ago | Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the GET /chat/file/{file_id} endpoint allows any authenticated user to download any other user's uploaded files by provi… | |
| CVE-2026-8123 | medium | 6.5 | 6.5 | 21d ago | A vulnerability was determined in Open5GS up to 2.7.7. This impacts the function ogs_sbi_discovery_option_add_snssais in the library /lib/sbi/message.c of the component NSSF. This manipulation causes… | |
| CVE-2026-8122 | medium | 6.5 | 6.5 | 21d ago | A vulnerability was found in Open5GS up to 2.7.7. This affects the function ogs_sbi_discovery_option_add_service_names in the library /lib/sbi/message.c of the component NSSF. The manipulation result… | |
| CVE-2026-8121 | medium | 6.5 | 6.5 | 21d ago | A vulnerability has been found in Open5GS up to 2.7.7. The impacted element is the function ogs_sbi_parse_plmn_list in the library /lib/sbi/conv.c of the component NSSF. The manipulation leads to den… | |
| CVE-2026-8120 | medium | 6.5 | 6.5 | 21d ago | A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssf_nnrf_nsselection_handle_get_from_amf_or_vnssf of the file /src/nssf/nnssf-handler.c of the component NSSF. Exec… | |
| CVE-2026-8113 | medium | 6.5 | 6.5 | 21d ago | A vulnerability was determined in 8421bit MiniClaw up to 43905b934cf76489ab28e4d17da28ee97970f91f. Affected by this vulnerability is the function isPathInside of the file src/kernel.ts of the compone… | |
| CVE-2026-6736 | medium | 6.5 | 6.5 | 21d ago | An authentication bypass vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to create a local user account, bypassing the configured external identity p… | |
| CVE-2026-33823 | medium | 6.5 | 6.5 | 21d ago | Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network. | |
| CVE-2026-41691 | medium | 6.5 | 6.5 | 21d ago | i18next-http-backend has Path Traversal & URL Injection via Unsanitised lng/ns | |
| CVE-2026-8142 | medium | 6.5 | 6.5 | 21d ago | VINCE versions 3.0.38 and earlier do not properly verify the From address authenticity due to encoding confusion and use the from address for automated actions such as Ticket creation or Ticket updat… | |
| CVE-2026-27892 | medium | 6.5 | 6.5 | 21d ago | FacturaScripts Vulnerable to Unstripped Image Metadata (EXIF) Leakage via Library Module File Upload/Download | |
| CVE-2026-36387 | medium | 6.5 | 6.5 | 21d ago | A Remote Code Execution vulnerability was found in CODEASTRO Membership Management System v1.0 in /add_members.php. This vulnerability affects the file upload functionality, where improper file sanit… |