CVEs from 2026

Total: 14,084
Critical: 1,231
High: 4,630
Medium: 4,443
Low: 483
(the four severity buckets sum to 10,787, so 3,297 of the 14,084 entries are not placed in a bucket here)
% critical: 8.7%
% with a KEV entry (CISA Known Exploited Vulnerabilities catalog): 0.4%
% with a known exploit: 0.7%
Top products
- chrome 505
- firepower_threat_defense_software 300
- firepower_threat_defense 298
- gcp 239
- openclaw 172
- commerce 104
- commerce_b2b 89
- grafana 80
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-24554 | medium | 4.3 | 4.3 | 8d ago | Cross-Site Request Forgery (CSRF) vulnerability in Convers Lab WPSubscription allows Cross Site Request Forgery. This issue affects WPSubscription: from n/a through 1.9.1. | |||
| CVE-2026-24527 | medium | 4.3 | 4.3 | 8d ago | Missing Authorization vulnerability in Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products allows Exploiting Incorrectly Configured Access Control Security Levels. This issue … | |||
| CVE-2026-24597 | medium | 4.3 | 4.3 | 8d ago | Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart allows Cross Site Request Forgery. This issue affects Organization chart: from n/a through 1.7.5. | |||
| CVE-2026-24545 | medium | 4.3 | 4.3 | 8d ago | Missing Authorization vulnerability in Nikki Blight QR Redirector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QR Redirector: from n/a through 2.0.3. | |||
| CVE-2026-9486 | medium | 4.3 | 4.3 | 8d ago | A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be exe… | |||
| CVE-2026-9467 | medium | 4.3 | 4.3 | 8d ago | A vulnerability was identified in debugmcp mcp-debugger up to 0.20.0. Impacted is the function handleGetSourceContext of the file src/server.ts. The manipulation leads to path traversal. The attack i… | |||
| CVE-2026-9448 | medium | 4.3 | 4.3 | 9d ago | A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown function of the file /applyleave.php. Executing a manipulation of the argument ID can lead to c… | |||
| CVE-2026-9419 | medium | 4.3 | 4.3 | 9d ago | A vulnerability has been found in code-projects Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /empproject.php. The manipulation of the argument ID l… | |||
| CVE-2026-9418 | medium | 4.3 | 4.3 | 9d ago | A flaw has been found in code-projects Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /changepassemp.php. Executing a manipulation of the argum… | |||
| CVE-2026-9417 | medium | 4.3 | 4.3 | 9d ago | A vulnerability was detected in code-projects Employee Management System 1.0. Affected is an unknown function of the file /myprofileup.php. Performing a manipulation of the argument ID results in cro… | |||
| CVE-2026-9416 | medium | 4.3 | 4.3 | 9d ago | A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to … | |||
| CVE-2026-9415 | medium | 4.3 | 4.3 | 9d ago | A weakness has been identified in code-projects Employee Management System 1.0. This affects an unknown function of the file /eloginwel.php. This manipulation of the argument ID causes cross site scr… | |||
| CVE-2026-9413 | medium | 4.3 | 4.3 | 9d ago | A vulnerability was identified in SourceCodester Indian Invoicing System 1.0. The affected element is an unknown function of the file /Invoicing/category.php. The manipulation of the argument msg lea… | |||
| CVE-2026-9410 | medium | 4.3 | 4.3 | 9d ago | A vulnerability has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This vulnerability affects unknown code of the file /profile of the component Profile Workf… | |||
| CVE-2026-9409 | medium | 4.3 | 4.3 | 9d ago | A flaw has been found in Sushmi-pal Invoice-System up to a0a3faa16dee2621b231ae227333f5761607283b. This affects an unknown part of the file /user of the component User Management Handler. This manipu… | |||
| CVE-2026-9358 | medium | 4.3 | 4.3 | 10d ago | A vulnerability was determined in postcss up to 7.1.1. Affected is the function toString of the file src/selectors/container.js of the component AST Serialization. Executing a manipulation can lead t… | |||
| CVE-2026-9303 | medium | 4.3 | 4.3 | 10d ago | A vulnerability was identified in calcom cal.diy up to 4.9.4. Impacted is an unknown function. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Th… | |||
| CVE-2026-40864 | medium | 4.3 | 4.3 | 11d ago | JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection (updated in 4.1.0) inappropriately treated requests with… | |||
| CVE-2026-9246 | medium | 4.3 | 4.3 | 11d ago | Improper access control in the entry documentation and attachment features in Devolutions Server allows an authenticated user with vault read access to retrieve the documentation and attachments of s… | |||
| CVE-2026-9224 | medium | 4.3 | 4.3 | 11d ago | Missing authorization in the user profile update feature in Devolutions Server allows an authenticated Active Directory user to modify their own profile attributes via a crafted API request. This is… | |||
| CVE-2026-9223 | medium | 4.3 | 4.3 | 11d ago | Missing authorization in the vault import feature in Devolutions Server 2026.1.16.0 and earlier allows a low-privileged authenticated user to create new vaults via a crafted import request. | |||
| CVE-2026-5171 | medium | 4.3 | 4.3 | 11d ago | Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activ… | |||
| CVE-2026-8347 | medium | 4.3 | 4.3 | 11d ago | Concrete CMS 9.5.0 and below is vulnerable to IDOR + wrong-authorization-level in the Express association Reorder dialog. This can cause Cross-entity state tampering with view-only permission on one… | |||
| CVE-2026-8340 | medium | 4.3 | 4.3 | 11d ago | Concrete CMS 9.5.0 and below is vulnerable to CSRF via Backend\File::approveVersion. Victim with edit_file_contents permission is CSRF'd into publishing an attacker-chosen previously-uploaded version… | |||
| CVE-2026-4646 | medium | 4.3 | 4.3 | 12d ago | Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to validate user-supplied input in API request handlers which allows an authenticated attacker to cr… | |||
| CVE-2026-3636 | medium | 4.3 | 4.3 | 12d ago | Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to sanitize team member data when returned via API to users without elevated permissions which allow… | |||
| CVE-2026-8692 | medium | 4.3 | 4.3 | 12d ago | The Vedrixa Forms – User Registration Form, Signup Form & Drag & Drop Form Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.1. This is due … | |||
| CVE-2026-7636 | medium | 4.3 | 4.3 | 12d ago | The Slider by Soliloquy – Responsive Image Slider for WordPress plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.1 via the map_meta_cap. … | |||
| CVE-2026-7615 | medium | 4.3 | 4.3 | 12d ago | The Widget Context plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.3. This is due to missing or incorrect nonce validation on the save_widge… | |||
| CVE-2026-7249 | medium | 4.3 | 4.3 | 12d ago | The Location Weather plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the `splw_update_block_options()` and `lwp_clean_weather_transients()`… | |||
| CVE-2026-4070 | medium | 4.3 | 4.3 | 12d ago | The Alfie – Feed Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing nonce validation on the alfie_manage() fun… | |||
| CVE-2026-2518 | medium | 4.3 | 4.3 | 12d ago | The FastX theme for WordPress is vulnerable to unauthorized limited plugin installation and activation due to missing capability checks on the 'ultp_install_callback' and 'ultp_activate_callback' fun… | |||
| CVE-2026-8327 | medium | 4.3 | 4.3 | 12d ago | Concrete CMS below 9.5.0 and below is vulnerable to password change without reauthorization and session-hardening bypass. The user-profile edit controller passes the entire raw POST array to UserInfo… | |||
| CVE-2026-8236 | medium | 4.3 | 4.3 | 12d ago | Concrete CMS 9.5.0 and below is vulnerable to IDOR combined with a missing authentication gate. The endpoint /ccm/system/dialogs/file/usage/{fID} accepts an integer file ID in the URL and returns int… | |||
| CVE-2026-7886 | medium | 4.3 | 4.3 | 12d ago | Concrete CMS 9.5.0 and below is vulnerable to IDOR in AddMessage/UpdateMessage via attachments[] parameter which can lead to file permission bypass. The `AddMessage` and `UpdateMessage` conversation … | |||
| CVE-2026-7882 | medium | 4.3 | 4.3 | 12d ago | Concrete CMS 9.5.0 and below is vulnerable to unauthorized file deletion due to an Inverted CSRF token check in the DeleteFile controller. The code throws an error when the token IS valid and procee… | |||
| CVE-2026-7881 | medium | 4.3 | 4.3 | 12d ago | Concrete CMS 9.5.0 and below is subject to Insecure Direct Object Reference (IDOR) in the Express Entry Detail block via the exEntryID parameter. This IDOR leads to unauthorized access to all Express… | |||
| CVE-2026-4843 | medium | 4.3 | 4.3 | 12d ago | The GSheet For Woo Importer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the process_ajax_restore_action() function in all versions up to, and … | |||
| CVE-2026-27349 | medium | 4.3 | 4.3 | 13d ago | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a t… | |||
| CVE-2026-4055 | medium | 4.3 | 4.3 | 13d ago | Mattermost versions 11.5.x <= 11.5.1 fail to validate team-level run_create permission against the target team when creating a playbook run which allows an authenticated team member to create runs in… | |||
| CVE-2026-1881 | medium | 4.3 | 4.3 | 13d ago | The Broadstreet plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.52.2 via the get_sponsored_meta AJAX action due to missing validation on… | |||
| CVE-2026-40094 | medium | 4.3 | 4.3 | 13d ago | nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. In versions 1.3.0 and prior, network-libp2p discovery accepts signed PeerContact updates from untrusted peers and s… | |||
| CVE-2026-9116 | medium | 4.3 | 4.3 | 13d ago | Insufficient policy enforcement in ServiceWorker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: … | |||
| CVE-2026-9115 | medium | 4.3 | 4.3 | 13d ago | Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severi… | |||
| CVE-2026-9113 | medium | 4.3 | 4.3 | 13d ago | Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9101 | medium | 4.3 | 4.3 | 13d ago | Prototype pollution in csv parsing logic during import can lead to untrusted file paths (but not arguments) entering shell.openExternal after specific user behavior leading to "1-click" command execu… | |||
| CVE-2026-27424 | medium | 4.3 | 4.3 | 14d ago | Missing Authorization vulnerability in WP Chill Image Photo Gallery Final Tiles Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Image Photo Gallery F… | |||
| CVE-2026-6405 | medium | 4.3 | 4.3 | 14d ago | The Anomify AI – Anomaly Detection and Alerting plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in versions up to and including 0.… | |||
| CVE-2026-6566 | medium | 4.3 | 4.3 | 14d ago | The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to and including 4.2.0. This is due to insuffic… | |||
| CVE-2026-44392 | medium | 4.3 | 4.3 | 14d ago | Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update processing may be execute… | |||
| CVE-2026-5075 | medium | 4.3 | 4.3 | 14d ago | The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal o… | |||
| CVE-2026-8610 | medium | 4.3 | 4.3 | 14d ago | The TypeSquare Webfonts for ConoHa plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.4. This is due to the plugin not properly verifying that a user… | |||
| CVE-2026-8424 | medium | 4.3 | 4.3 | 14d ago | The Remove Yellow BGBOX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'rybb_a… | |||
| CVE-2026-8423 | medium | 4.3 | 4.3 | 14d ago | The JaviBola Custom Theme Test plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on th… | |||
| CVE-2026-8419 | medium | 4.3 | 4.3 | 14d ago | The Amazon Scraper plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on a function. This… | |||
| CVE-2026-8418 | medium | 4.3 | 4.3 | 14d ago | The Games Catalog plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.0. This is due to missing or incorrect nonce validation on the gc_crud() funct… | |||
| CVE-2026-6452 | medium | 4.3 | 4.3 | 14d ago | The Bigfishgames Syndicate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on the bigf… | |||
| CVE-2026-6401 | medium | 4.3 | 4.3 | 14d ago | The Bottom Bar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 0.1.7. This is due to missing nonce verification on the plugin's settings update fo… | |||
| CVE-2026-6400 | medium | 4.3 | 4.3 | 14d ago | The Child Height Predictor by Ostheimer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.3. This is due to missing nonce verification in the opti… | |||
| CVE-2026-45442 | medium | 4.3 | 4.3 | 15d ago | Missing Authorization vulnerability in Brainstorm Force Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Presto Player: from n/a through 4.1.… | |||
| CVE-2026-37981 | medium | 4.3 | 4.3 | 15d ago | A flaw was found in Keycloak. A broken access control vulnerability in the Account Resources user lookup endpoint allows a remote authenticated user, who owns at least one User-Managed Access (UMA) r… | |||
| CVE-2026-8830 | medium | 4.3 | 4.3 | 15d ago | A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs because the server-side … | |||
| CVE-2026-33514 | medium | 4.3 | 4.3 | 15d ago | Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, an authenticated user on a Discourse instance with the form templates feature… | |||
| CVE-2026-32312 | medium | 4.3 | 4.3 | 15d ago | GLPI is a free asset and IT management software package. In versions 11.0.0 through 11.0.6, an authenticated user with forms READ permission can export the structure of unauthorized forms. This issue… | |||
| CVE-2026-8802 | medium | 4.3 | 4.3 | 16d ago | A vulnerability was detected in opensourcepos Open Source Point of Sale up to 3.4.2. This issue affects the function getPicThumb of the file app/Controllers/Items.php. The manipulation of the argumen… | |||
| CVE-2026-6343 | medium | 4.3 | 4.3 | 16d ago | Mattermost doesn't check public/private permissions | |||
| CVE-2026-6339 | medium | 4.3 | 4.3 | 16d ago | Mattermost doesn't validate the X-Requested-With header on the burn-on-read reveal endpoint | |||
| CVE-2026-4286 | medium | 4.3 | 4.3 | 16d ago | Mattermost doesn't check if {{team_id}} was being changed when updating playbooks | |||
| CVE-2026-28732 | medium | 4.3 | 4.3 | 16d ago | Mattermost doesn't enforce slash command trigger-word uniqueness during command updates | |||
| CVE-2026-6342 | medium | 4.3 | 4.3 | 16d ago | Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to appropriately check for valid namespaces which allows plugin users to create subscriptions to groups that were not whitelisted via … | |||
| CVE-2026-6341 | medium | 4.3 | 4.3 | 16d ago | Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multip… | |||
| CVE-2026-4273 | medium | 4.3 | 4.3 | 16d ago | Mattermost doesn't validate that the RefreshedToken differs from the original invite token during remote cluster invite confirmation | |||
| CVE-2026-3637 | medium | 4.3 | 4.3 | 16d ago | Mattermost doesn't check the create_post channel permission during post edit operations | |||
| CVE-2026-28759 | medium | 4.3 | 4.3 | 16d ago | Mattermost does not verify remote cluster channel access when processing shared channel membership removals | |||
| CVE-2026-8783 | medium | 4.3 | 4.3 | 16d ago | AMF Vulnerable to Improper Resource Shutdown or Release | |||
| CVE-2026-8782 | medium | 4.3 | 4.3 | 16d ago | AMF Vulnerable to Improper Resource Shutdown or Release | |||
| CVE-2026-8781 | medium | 4.3 | 4.3 | 16d ago | AMF Vulnerable to Improper Resource Shutdown or Release | |||
| CVE-2026-8780 | medium | 4.3 | 4.3 | 16d ago | AMF Improperly Restricts Operations within the Bounds of a Memory Buffer | |||
| CVE-2026-8779 | medium | 4.3 | 4.3 | 16d ago | AMF Improperly Restricts Operations within the Bounds of a Memory Buffer | |||
| CVE-2026-45009 | medium | 4.3 | 4.3 | 18d ago | phpMyFAQ before 4.1.2 contains an insufficient authorization vulnerability in admin-api routes that allows authenticated ordinary users to access administrative endpoints by only checking login statu… | |||
| CVE-2026-45387 | medium | 4.3 | 4.3 | 18d ago | Open WebUI: Sharing models for others to use (read permission) also exposes model details (system prompt leakage) | |||
| CVE-2026-45385 | medium | 4.3 | 4.3 | 18d ago | Open WebUI has an IDOR vulnerability in the update_message_by_id API endpoint | |||
| CVE-2026-44559 | medium | 4.3 | 4.3 | 18d ago | Open WebUI Missing Access Check on Channel Members Endpoint for Standard Channels | |||
| CVE-2026-4053 | medium | 4.3 | 4.3 | 18d ago | Mattermost doesn't enforce the PostEditTimeLimit on non-message post fields | |||
| CVE-2026-45007 | medium | 4.3 | 4.3 | 18d ago | phpMyFAQ before 4.1.2 contains missing permission checks in ConfigurationTabController.php where 12 endpoints use userIsAuthenticated() instead of userHasPermission(CONFIGURATION_EDIT). Any authentic… | |||
| CVE-2026-8425 | medium | 4.3 | 4.3 | 19d ago | The Notify Odoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the _updateSettin… | |||
| CVE-2026-7563 | medium | 4.3 | 4.3 | 19d ago | The Classified Listing – AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 5.3.10. This is due to t… | |||
| CVE-2026-45386 | medium | 4.3 | 4.3 | 19d ago | Open WebUI has an IDOR vulnerability in the pin_channel_message API endpoint | |||
| CVE-2026-8576 | medium | 4.3 | 4.3 | 19d ago | Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security sev… | |||
| CVE-2026-8567 | medium | 4.3 | 4.3 | 19d ago | Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: … | |||
| CVE-2026-8566 | medium | 4.3 | 4.3 | 19d ago | Insufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium sec… | |||
| CVE-2026-8563 | medium | 4.3 | 4.3 | 19d ago | Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium se… | |||
| CVE-2026-8562 | medium | 4.3 | 4.3 | 19d ago | Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Mediu… | |||
| CVE-2026-8560 | medium | 4.3 | 4.3 | 19d ago | Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium securi… | |||
| CVE-2026-8559 | medium | 4.3 | 4.3 | 19d ago | Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium secu… | |||
| CVE-2026-8552 | medium | 4.3 | 4.3 | 19d ago | Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity… | |||
| CVE-2026-8537 | medium | 4.3 | 4.3 | 19d ago | Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: H… | |||
| CVE-2026-8528 | medium | 4.3 | 4.3 | 19d ago | Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a … | |||
| CVE-2026-45148 | medium | 4.3 | 4.3 | 19d ago | SiYuan has broken access control in `/api/search/{searchAsset,searchTag,searchWidget,searchTemplate}` publish-mode | |||
| CVE-2026-45147 | medium | 4.3 | 4.3 | 19d ago | SiYuan: Broken access control in `/api/tag/getTag` — Reader role can mutate `Conf.Tag.Sort` and persist to disk |
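The rows above cluster into a handful of weakness classes (CSRF from missing nonce checks, missing authorization and capability checks, IDOR, Chromium memory-safety bugs), and some Chrome rows carry a vendor severity in the description that disagrees with the listed bucket (CVE-2026-9113 is listed as medium/4.3 while its text says Chromium security severity High). The script below is a triage pass a practitioner would run over such a dump; it is an added example, not code from this dashboard. It parses rows in the column order the rows actually carry (CVE, severity, CVSS, risk, published, description), tags each row with a weakness class by keyword, and flags vendor/listed severity disagreements. The six sample rows are copied from the table above; the keyword lists, class names and the `Chromium security severity:` pattern are this example's own assumptions.

```python
"""Triage pass over rows of the CVE table above (added example, not dashboard code)."""
import re
from collections import Counter
from typing import Optional

# Six rows copied verbatim from the table above. The cells are in the order the
# rows actually carry (CVE, severity, CVSS, risk, published, description),
# which is the order parse_row() assumes.
SAMPLE_ROWS = [
    "| CVE-2026-24554 | medium | 4.3 | 4.3 | 8d ago | Cross-Site Request Forgery (CSRF) vulnerability in Convers Lab WPSubscription allows Cross Site Request Forgery. This issue affects WPSubscription: from n/a through 1.9.1. | |||",
    "| CVE-2026-24545 | medium | 4.3 | 4.3 | 8d ago | Missing Authorization vulnerability in Nikki Blight QR Redirector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QR Redirector: from n/a through 2.0.3. | |||",
    "| CVE-2026-9467 | medium | 4.3 | 4.3 | 8d ago | A vulnerability was identified in debugmcp mcp-debugger up to 0.20.0. Impacted is the function handleGetSourceContext of the file src/server.ts. The manipulation leads to path traversal. The attack i… | |||",
    "| CVE-2026-9113 | medium | 4.3 | 4.3 | 13d ago | Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | |||",
    "| CVE-2026-6405 | medium | 4.3 | 4.3 | 14d ago | The Anomify AI – Anomaly Detection and Alerting plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) in versions up to and including 0.… | |||",
    "| CVE-2026-7881 | medium | 4.3 | 4.3 | 12d ago | Concrete CMS 9.5.0 and below is subject to Insecure Direct Object Reference (IDOR) in the Express Entry Detail block via the exEntryID parameter. This IDOR leads to unauthorized access to all Express… | |||",
]

# Keyword rules are this example's assumption; a row can match several classes
# (e.g. "CSRF leading to stored XSS"). Order here is the order classes are reported.
WEAKNESS_RULES = (
    ("CSRF", ("cross-site request forgery", "cross site request forgery", "csrf", "xsrf", "nonce")),
    ("XSS", ("cross-site scripting", "cross site scripting", "xss")),
    ("IDOR", ("insecure direct object reference", "idor")),
    ("access-control", ("authoriz", "access control", "capability check", "permission", "access check")),
    ("memory-safety", ("out of bounds", "buffer overflow", "integer overflow", "bounds of a memory buffer")),
    ("path-traversal", ("path traversal",)),
    ("prototype-pollution", ("prototype pollution",)),
    ("info-disclosure", ("information exposure", "sensitive information", "leak", "exposes")),
)

_VENDOR_SEVERITY = re.compile(r"Chromium security severity:\s*([A-Za-z]+)")
_AGE = re.compile(r"(\d+)d ago")


def parse_row(line: str) -> Optional[dict]:
    """Split one pipe-delimited row; return None for header, separator or short lines."""
    cells = [c.strip() for c in line.strip().strip("|").split("|")]
    if len(cells) < 6 or not cells[0].startswith("CVE-"):
        return None
    cve, severity, cvss, risk, published, desc = cells[:6]
    age = _AGE.search(published)
    return {
        "cve": cve,
        "severity": severity.lower(),
        "cvss": float(cvss),
        "risk": float(risk),
        "age_days": int(age.group(1)) if age else None,
        "description": desc,
    }


def classify(description: str) -> tuple:
    """Return every weakness class whose keywords appear in the description."""
    text = description.lower()
    return tuple(name for name, needles in WEAKNESS_RULES if any(n in text for n in needles))


def vendor_severity(description: str) -> Optional[str]:
    """Severity the vendor states inside the description text, if any (lower-cased)."""
    m = _VENDOR_SEVERITY.search(description)
    return m.group(1).lower() if m else None


def triage(lines) -> list:
    """Parse, classify and cross-check every data row; skips non-row lines."""
    records = []
    for line in lines:
        row = parse_row(line)
        if row is None:
            continue
        row["classes"] = classify(row["description"])
        row["vendor_severity"] = vendor_severity(row["description"])
        # Disagreement between the listed bucket and the vendor's own rating is
        # worth a second look before trusting the CVSS column for prioritisation.
        row["severity_mismatch"] = (
            row["vendor_severity"] is not None and row["vendor_severity"] != row["severity"]
        )
        records.append(row)
    return records


def summarize(records) -> Counter:
    """Count rows per weakness class (a multi-class row counts once per class)."""
    return Counter(c for r in records for c in r["classes"])


def mismatches(records) -> list:
    """CVE ids whose vendor-stated severity differs from the listed one."""
    return [r["cve"] for r in records if r["severity_mismatch"]]


if __name__ == "__main__":
    recs = triage(SAMPLE_ROWS)
    for r in recs:
        print(f'{r["cve"]:16} {r["severity"]:7} {r["cvss"]:>4} {r["age_days"]:>3}d {", ".join(r["classes"]) or "-"}')
    print("per class:", dict(summarize(recs)))
    print("vendor/listed severity mismatch:", mismatches(recs))
```

Feed the real table through `triage()` by reading the page as text and passing its lines; `parse_row()` drops the header and separator rows on its own. The keyword rules are deliberately loose (`authoriz` catches "unauthorized", "authorization" and "reauthorization"), so treat the class tags as a first bucket, not a final CWE assignment.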