200
CVEs
1
Threats
0
News
71
Critical
72
CISA KEV
🛡 Security Vulnerabilities (CVE)
Microsoft Office OLE DLL Side Loading Vulnerability — Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. Successful exploitation allows for remote code …
CVE-2016-3298
Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability
11:01 KSA
Microsoft Internet Explorer Messaging API Information Disclosure Vulnerability — An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. An attacker who successfully exploited this vulnerability could allow th…
Microsoft Windows Kernel Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Microsoft Internet Explorer and Edge Information Disclosure Vulnerability — An information disclosure vulnerability exists in the way that certain functions in Internet Explorer and Edge handle objects in memory. The vulnerability could allow an attacker to detect specific files …
Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability — A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control…
Oracle Java SE and JRockit Unspecified Vulnerability — Oracle Java SE and JRockit contains an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX). This vulnerability …
CVE-2016-3643
SolarWinds Virtualization Manager Privilege Escalation via Sudo Misconfiguration
11:01 KSA
SolarWinds Virtualization Manager Privilege Escalation Vulnerability — SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo.
ImageMagick Improper Input Validation Vulnerability — ImageMagick contains an improper input validation vulnerability that affects the EPHEMERAL, HTTPS, MVG, MSL, TEXT, SHOW, WIN, and PLT coders. This allows a remote attacker to execute arbitrary code via shell metacharacters in …
ImageMagick Arbitrary File Deletion Vulnerability — ImageMagick contains an unspecified vulnerability that could allow users to delete files by using ImageMagick's 'ephemeral' pseudo protocol, which deletes files after reading.
ImageMagick Server-Side Request Forgery (SSRF) Vulnerability — ImageMagick contains an unspecified vulnerability that allows attackers to perform server-side request forgery (SSRF) via a crafted image.
Adobe Flash Player Arbitrary Code Execution Vulnerability — An access of resource using incompatible type vulnerability exists within Adobe Flash Player that allows an attacker to perform remote code execution.
Adobe Flash Player Remote Code Execution Vulnerability — Unspecified vulnerability in Adobe Flash Player allows for remote code execution.
Apache Shiro Code Execution Vulnerability — Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher key has not been configured for the "remember me" feature.
Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability — The WAP interface in Trihedral VTScada (formerly VTS) allows remote attackers to cause a denial-of-service (DoS).
Apple iOS Information Disclosure Vulnerability — The Apple iOS kernel allows attackers to obtain sensitive information from memory via a crafted application.
Apple iOS Memory Corruption Vulnerability — A memory corruption vulnerability in Apple iOS kernel allows attackers to execute code in a privileged context or cause a denial-of-service (DoS) via a crafted application.
Apple iOS Webkit Memory Corruption Vulnerability — Apple iOS WebKit contains a memory corruption vulnerability that allows attackers to execute remote code or cause a denial-of-service (DoS) via a crafted web site. This vulnerability could impact HTML parsers that use WebKit, inc…
Linux Kernel Race Condition Vulnerability — Race condition in mm/gup.c in the Linux kernel allows local users to escalate privileges.
Google Chromium V8 Out-of-Bounds Memory Vulnerability — Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to perform read/write operations, leading to code execution, via a crafted HTML page. This vulnerability could aff…
NETGEAR Multiple Routers Remote Code Execution Vulnerability — NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution.
Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability — A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code.
Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability — A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service (DoS) condition or potentially execute cod…
Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability — Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information discl…
Microsoft Office Memory Corruption Vulnerability — Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution.
Microsoft Edge Memory Corruption Vulnerability — The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.
Microsoft Edge Memory Corruption Vulnerability — The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute remote code or cause a denial of service (memory corruption) via a crafted web site.
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k kernel-mode driver fails to properly handle objects in memory which allows for privilege escalation. Successful exploitation allows an attacker to run code in kernel mode.
Microsoft Windows Open Type Font Remote Code Execution Vulnerability — A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of th…
CVE-2016-7262
Microsoft Office Security Feature Bypass Vulnerability - Arbitrary Code Execution
11:01 KSA
Microsoft Office Security Feature Bypass Vulnerability — A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.
SKYSEA Client View Improper Authentication Vulnerability — SKYSEA Client View contains an improper authentication vulnerability that allows remote code execution via a flaw in processing authentication on the TCP connection with the management console program.
Adobe Flash Player Use-After-Free Vulnerability — Use-after-free vulnerability in Adobe Flash Player Windows and OS and Linux allows remote attackers to execute arbitrary code.
Adobe Flash Player Use-After-Free Vulnerability — Adobe Flash Player has an exploitable use-after-free vulnerability in the TextField class.
Siemens SIMATIC CP 1543-1 Improper Privilege Management Vulnerability — An improper privilege management vulnerability exists within the Siemens SIMATIC Communication Processor (CP) that allows a privileged attacker to remotely cause a denial of service.
Apache Tomcat Remote Code Execution Vulnerability — Apache Tomcat contains an unspecified vulnerability that allows for remote code execution if JmxRemoteLifecycleListener is used and an attacker can reach Java Management Extension (JMX) ports. This CVE exists because this listen…
Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability — Mozilla Firefox, Firefox ESR, and Thunderbird contain a use-after-free vulnerability in SVG Animation, targeting Firefox and Tor browser users on Windows.
SAP NetWeaver XML External Entity (XXE) Vulnerability — SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows remote, authenticated users to conduct XML External Entity (XXE) attacks.
Microsoft Graphics Device Interface (GDI) Privilege Escalation Vulnerability — The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold,…
Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability — The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted application.
Microsoft XML Core Services Information Disclosure Vulnerability — Microsoft XML Core Services (MSXML) improperly handles objects in memory, allowing attackers to test for files on disk via a crafted web site.
Microsoft Edge and Internet Explorer Type Confusion Vulnerability — Microsoft Edge and Internet Explorer have a type confusion vulnerability in mshtml.dll, which allows remote code execution.
CVE-2017-0059
Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2017-0059)
11:01 KSA
Microsoft Internet Explorer Information Disclosure Vulnerability — Microsoft Internet Explorer allow remote attackers to obtain sensitive information from process memory via a crafted web site.
Microsoft Windows Transaction Manager Privilege Escalation Vulnerability — A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.
Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability — Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.
Microsoft SMBv1 Remote Code Execution Vulnerability — The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.
Microsoft SMBv1 Remote Code Execution Vulnerability — The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets.
Microsoft Windows SMB Remote Code Execution Vulnerability — The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.
Microsoft Windows SMBv1 Information Disclosure Vulnerability — The SMBv1 server in Microsoft Windows allows remote attackers to obtain sensitive information from process memory via a crafted packet.
Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability — Red Hat JBoss RichFaces Framework contains an expression language injection vulnerability via the UserResource resource. A remote, unauthenticated attacker could exploit this vulnerability to execute …
Laravel Deserialization of Untrusted Data Vulnerability — Laravel Framework contains a deserialization of untrusted data vulnerability, allowing for remote command execution. This vulnerability may only be exploited if a malicious user has accessed the application encryption key …
TIBCO JasperReports Library Directory Traversal Vulnerability — TIBCO JasperReports Library contains a directory-traversal vulnerability that may allow web server users to access contents of the host system.
CVE-2018-19320
GIGABYTE GDrv Ring0 Memcpy Vulnerability Enables Local Privilege Escalation
11:01 KSA
GIGABYTE Multiple Products Unspecified Vulnerability — The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected …
GIGABYTE Multiple Products Privilege Escalation Vulnerability — The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by …
GIGABYTE Multiple Products Code Execution Vulnerability — The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of wa…
GIGABYTE Multiple Products Privilege Escalation Vulnerability — The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a l…
Paessler PRTG Network Monitor Local File Inclusion Vulnerability — Paessler PRTG Network Monitor contains a local file inclusion vulnerability that allows a remote, unauthenticated attacker to create users with read-write privileges (including administrator).
QNAP NAS File Station Cross-Site Scripting Vulnerability — A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.
QNAP NAS File Station Command Injection Vulnerability — A command injection vulnerability affecting QNAP NAS File Station could allow remote attackers to run commands.
QNAP NAS File Station Cross-Site Scripting Vulnerability — A cross-site scripting vulnerability affecting QNAP NAS File Station could allow remote attackers to inject malicious code.
ThinkPHP "noneCms" Remote Code Execution Vulnerability — ThinkPHP "noneCms" contains an unspecified vulnerability that allows for remote code execution through crafted use of the filter parameter.
WinRAR Absolute Path Traversal Vulnerability — WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution
Kaseya VSA Remote Code Execution Vulnerability — Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.
SAP Customer Relationship Management (CRM) Path Traversal Vulnerability — SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users.
Oracle WebLogic Server Unspecified Vulnerability — Oracle WebLogic Server contains an unspecified vulnerability which can allow an unauthenticated attacker with T3 network access to compromise the server.
Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability — Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code …
Adobe Flash Player Use-After-Free Vulnerability — Adobe Flash Player contains a use-after-free vulnerability that could allow for code execution.
Adobe ColdFusion Deserialization of Untrusted Data Vulnerability — Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution.
Adobe Acrobat and Reader Double Free Vulnerability — Adobe Acrobat and Reader have a double free vulnerability that could lead to remote code execution.
Adobe Flash Player Stack-based Buffer Overflow Vulnerability — Adobe Flash Player have a stack-based buffer overflow vulnerability that could lead to remote code execution.
CVE-2018-5430
TIBCO JasperReports Server Authenticated Information Disclosure Vulnerability
11:01 KSA
TIBCO JasperReports Server Information Disclosure Vulnerability — TIBCO JasperReports Server contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.
Google Chromium V8 Integer Overflow Vulnerability — Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utiliz…
Android Kernel Use-After-Free Vulnerability — Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed chained with CVE-2020-0041 and CVE-2020-0069 under exploi…
CVE-2026-7019
A vulnerability was identified in Tenda F456 1.0.0.5. The impacted element is the function fromP2pListFilter of the file
15:36 KSA
A vulnerability was identified in Tenda F456 1.0.0.5. The impacted element is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The exploi…
CVE-2026-7057
A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of t
18:54 KSA
A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component httpd. This manipulation of the argument funcname/funcpara1 causes buffer overflow. It is possible to initiate the attack remotely. The exploit has…
CVE-2026-7029
A weakness has been identified in Tenda F456 1.0.0.5. The impacted element is the function fromaddressNat of the file /g
15:36 KSA
A weakness has been identified in Tenda F456 1.0.0.5. The impacted element is the function fromaddressNat of the file /goform/addressNat. Executing a manipulation of the argument menufacturer/Go can lead to buffer overflow. The attack may be performed from remote. The exploit has…
CVE-2026-7030
A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function fromRouteStatic of the file
15:36 KSA
A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclo…
CVE-2026-7031
A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/Safe
15:36 KSA
A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be …
CVE-2026-7032
A flaw has been found in Tenda F456 1.0.0.5. Affected is the function SafeEmailFilter of the file /goform/SafeEmailFilte
17:18 KSA
A flaw has been found in Tenda F456 1.0.0.5. Affected is the function SafeEmailFilter of the file /goform/SafeEmailFilter. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.
CVE-2026-7033
A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilte
17:18 KSA
A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menufacturer/Go leads to buffer overflow. The attack can be launched remotely. The exp…
CVE-2026-7034
A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file
17:18 KSA
A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the argument Go results in stack-based buffer overflow. The attack may be initiated rem…
CVE-2026-7035
A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/
18:54 KSA
A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely. T…
CVE-2026-7056
A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeU
18:54 KSA
A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed from remote. The exploit is now p…
CVE-2026-7055
A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the
18:54 KSA
A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried …
CVE-2026-7054
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the fil
18:54 KSA
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be execu…
CVE-2026-7053
A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L
18:54 KSA
A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The expl…
CVE-2018-25263
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows loca
18:54 KSA
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within t…
CVE-2018-25283
iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Sna
18:54 KSA
iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows local attackers to execute arbitrary code. Attackers can input a crafted payload exceeding 260 bytes through the System…
CVE-2025-48769
Use After Free vulnerability was discovered in fs/vfs/fs_rename code of the Apache NuttX RTOS, that due recursive implem
04:01 KSA
Use After Free vulnerability was discovered in fs/vfs/fs_rename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed hea…
CVE-2025-52864
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
04:01 KSA
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following ve…
CVE-2025-52868
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, th
04:01 KSA
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following version:
Qsync Central 5.0.…
CVE-2025-52869
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, th
04:01 KSA
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following version:
Qsync Central 5.0.…
CVE-2025-52870
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, th
04:01 KSA
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following version:
Qsync Central 5.0.…
CVE-2025-52872
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker
04:01 KSA
A buffer overflow vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following ve…
CVE-2025-57709
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, th
04:01 KSA
A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes.
We have already fixed the vulnerability in the following version:
Qsync Central 5.0.…
CVE-2025-59022
Backend users who had access to the recycler module could delete arbitrary data from any database table defined in the T
04:01 KSA
Backend users who had access to the recycler module could delete arbitrary data from any database table defined in the TCA - regardless of whether they had permission to that particular table. This allowed attackers to purge and destroy critical site data, effectively rendering t…
CVE-2025-62501
SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain de
04:01 KSA
SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle (MITM) attack. This could enable unauthorized access if captured credentials are reused.This issu…
CVE-2025-64729
The vulnerability, if exploited, could allow an authenticated miscreant
(OS Standard User) to tamper with Process Optim
04:01 KSA
The vulnerability, if exploited, could allow an authenticated miscreant
(OS Standard User) to tamper with Process Optimization project files,
embed code, and escalate their privileges to the identity of a victim
user who subsequently interacts with the project files.
CVE-2026-0506
Due to a Missing Authorization Check vulnerability in Application Server ABAP and ABAP Platform, an authenticated attack
04:01 KSA
Due to a Missing Authorization Check vulnerability in Application Server ABAP and ABAP Platform, an authenticated attacker could misuse an RFC function to execute form routines (FORMs) in the ABAP system. Successful exploitation could allow the attacker to write or modify data ac…
CVE-2026-0511
SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated u
04:01 KSA
SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has high impact on confidentiality and integrity of the application ,availability is not impacted.
CVE-2026-0726
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versi
04:01 KSA
The Nexter Extension – Site Enhancements Toolkit plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.6 via deserialization of untrusted input in the 'nxt_unserialize_replace' function. This makes it possible for unauthenticated att…
CVE-2026-1375
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object Refere
04:01 KSA
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to Insecure Direct Object References (IDOR) in all versions up to, and including, 3.9.5. This is due to missing object-level authorization checks in the `course_list_bulk_action()`, `bulk_dele…
CVE-2026-1530
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) atta
04:01 KSA
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and OpenShift…
CVE-2026-1531
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification
04:01 KSA
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic betw…
CVE-2026-1610
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of t
04:01 KSA
A vulnerability was found in Tenda AX12 Pro V2 16.03.49.24_cn. Affected by this issue is some unknown functionality of the component Telnet Service. Performing a manipulation results in hard-coded credentials. The attack is possible to be carried out remotely. A high degree of co…
CVE-2026-1779
The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and in
05:22 KSA
The User Registration & Membership plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.1.2. This is due to incorrect authentication in the 'register_member' function. This makes it possible for unauthenticated attackers to log in a newl…
CVE-2026-1803
A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear
04:01 KSA
A weakness has been identified in Ziroom ZHOME A0101 1.0.1.0. Impacted is an unknown function of the component Dropbear SSH Service. This manipulation causes use of default credentials. Remote exploitation of the attack is possible. The complexity of an attack is rather high. The…
CVE-2026-21228
Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network.
04:01 KSA
Improper certificate validation in Azure Local allows an unauthorized attacker to execute code over a network.
CVE-2026-21973
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Se
04:01 KSA
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Security Management System). Supported versions that are affected are 14.5.0.15.0, 14.7.0.8.0 and 14.8.0.1.0. Easily exploitable vulnerability allows low privil…
CVE-2026-21989
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that a
04:01 KSA
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox …
CVE-2026-22661
prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attacker
09:36 KSA
prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the client system by crafting malicious ZIP archives with unsanitized filenames containing path traversal sequences. Attackers can…
CVE-2026-22665
prompts.chat prior to commit 1464475 contains an identity confusion vulnerability due to inconsistent case-sensitive and
09:36 KSA
prompts.chat prior to commit 1464475 contains an identity confusion vulnerability due to inconsistent case-sensitive and case-insensitive handling of usernames across write and read paths, allowing attackers to create case-variant usernames that bypass uniqueness checks. Attacker…
CVE-2026-22719
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this is
07:01 KSA
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress.
T…
CVE-2026-22856
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP threa
04:01 KSA
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial->IrpThreads while another reads it. This vulnerability is fixed in 3.20.1.
CVE-2026-23517
Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76
04:01 KSA
Fleet is open source device management software. A broken access control issue in versions prior to 4.78.3, 4.77.1, 4.76.2, 4.75.2, and 4.53.3 allowed authenticated users to access debug and profiling endpoints regardless of role. As a result, low-privilege users could view inter…
CVE-2026-2370
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 1
21:26 KSA
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 affecting Jira Connect installations that could have allowed an authenticated user with minimal workspace permissions to obtain installation…
CVE-2026-23750
Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certific
05:22 KSA
Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fragment, then appends subsequent fr…
CVE-2026-24135
Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, a path traversal vulnerability exists in th
04:01 KSA
Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, a path traversal vulnerability exists in the updateWikiPage function of Gogs. The vulnerability allows an authenticated user with write access to a repository's wiki to delete arbitrary files on the serv…
CVE-2026-25055
n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploade
04:01 KSA
n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to files being written to unintended l…
CVE-2026-25221
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for
04:01 KSA
PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0 implementation for GitHub and Google login providers is vulnerable to Login Cross-Site Request Forgery (CSRF). The application fails to implement and verify the state parameter du…
CVE-2026-25646
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics)
04:01 KSA
LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.55, an out-of-bounds read vulnerability exists in the png_set_quantize() API function. When the function is called with no hist…
CVE-2026-25793
Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates (which is n
04:01 KSA
Nebula is a scalable overlay networking tool. In versions from 1.7.0 to 1.10.2, when using P256 certificates (which is not the default configuration), it is possible to evade a blocklist entry created against the fingerprint of a certificate by using ECDSA Signature Malleability …
CVE-2026-26148
External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate
03:13 KSA
External initialization of trusted variables or data stores in Azure Entra ID allows an unauthorized attacker to elevate privileges locally.
CVE-2026-28272
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway
11:01 KSA
Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes when users interact with the affe…
CVE-2026-32853
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the
21:55 KSA
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checkin…
CVE-2026-33031
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was disabled by an adminis
00:51 KSA
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.4, a user who was disabled by an administrator can use previously issued API tokens for up to the token lifetime. In practice, disabling a compromised account does not actually terminate that user’s a…
CVE-2026-33577
OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that
03:28 KSA
OpenClaw before 2026.3.28 contains an insufficient scope validation vulnerability in the node pairing approval path that allows low-privilege operators to approve nodes with broader scopes. Attackers can exploit missing callerScopes validation in node-pairing.ts to extend privile…
CVE-2026-33579
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to
03:28 KSA
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for…
CVE-2026-33649
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `plugin/Permissions/setPermissio
11:22 KSA
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `plugin/Permissions/setPermission.json.php` endpoint accepts GET parameters for a state-changing operation that modifies user group permissions. The endpoint has no CSRF token validation, and …
CVE-2026-33651
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `remindMe.json.php` endpoint pas
11:22 KSA
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `remindMe.json.php` endpoint passes `$_REQUEST['live_schedule_id']` through multiple functions without sanitization until it reaches `Scheduler_commands::getAllActiveOrToRepeat()`, which direc…
CVE-2026-33668
Vikunja is an open-source self-hosted task management platform. Starting in version 0.18.0 and prior to version 2.2.1, w
21:55 KSA
Vikunja is an open-source self-hosted task management platform. Starting in version 0.18.0 and prior to version 2.2.1, when a user account is disabled or locked, the status check is only enforced on the local login and JWT token refresh paths. Three other authentication paths — A…
CVE-2026-34055
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to versio
11:08 KSA
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the legacy patient notes functions in `library/pnotes.inc.php` perform updates and deletes using `WHERE id = ?` without verifying that the note belon…
CVE-2026-34210
mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method
03:28 KSA
mppx is a TypeScript interface for machine payments protocol. Prior to version 0.4.11, the stripe/charge payment method did not check Stripe's Idempotent-Replayed response header when creating PaymentIntents. An attacker could replay a valid credential containing the same spt tok…
CVE-2026-34309
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported ve
12:50 KSA
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft En…
CVE-2026-34377
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic
03:23 KSA
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.0 and zebra-consensus version 5.0.1, a logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providi…
CVE-2026-34403
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.5, all WebSocket endpoints in nginx-ui u
00:51 KSA
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.5, all WebSocket endpoints in nginx-ui use a gorilla/websocket Upgrader with CheckOrigin unconditionally returning true, allowing Cross-Site WebSocket Hijacking (CSWSH). Combined with the fact that au…
CVE-2026-34503
OpenClaw before 2026.3.28 fails to disconnect active WebSocket sessions when devices are removed or tokens are revoked.
03:28 KSA
OpenClaw before 2026.3.28 fails to disconnect active WebSocket sessions when devices are removed or tokens are revoked. Attackers with revoked credentials can maintain unauthorized access through existing live sessions until forced reconnection.
CVE-2026-34512
OpenClaw before 2026.3.25 contains an improper access control vulnerability in the HTTP /sessions/:sessionKey/kill route
21:26 KSA
OpenClaw before 2026.3.25 contains an improper access control vulnerability in the HTTP /sessions/:sessionKey/kill route that allows any bearer-authenticated user to invoke admin-level session termination functions without proper scope validation. Attackers can exploit this by se…
CVE-2026-34742
The Go MCP SDK used Go's standard encoding/json. Prior to version 1.4.0, the Model Context Protocol (MCP) Go SDK does no
03:23 KSA
The Go MCP SDK used Go's standard encoding/json. Prior to version 1.4.0, the Model Context Protocol (MCP) Go SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication with StreamableHTT…
CVE-2026-35645
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in the gateway plugin subagent fallback deleteSe
01:48 KSA
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in the gateway plugin subagent fallback deleteSession function that uses a synthetic operator.admin runtime scope. Attackers can exploit this by triggering session deletion without a request-scoped client to …
CVE-2026-35653
OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that all
16:36 KSA
OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile mutation restrictions. Attackers can invoke POST /reset-profile throug…
CVE-2026-35660
OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint tha
16:36 KSA
OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint that allows callers with operator.write permission to reset admin sessions. Attackers with operator.write privileges can invoke /reset or /new messages with an exp…
CVE-2026-3629
The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up
11:22 KSA
The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.29.7. This is due to the 'save_extra_user_profile_fields' function not properly restricting which user meta keys can be updated via profile…
CVE-2026-4021
The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in
11:22 KSA
The Contest Gallery plugin for WordPress is vulnerable to an authentication bypass leading to admin account takeover in all versions up to, and including, 28.1.5. This is due to the email confirmation handler in `users-registry-check-after-email-or-pin-confirmation.php` using the…
CVE-2026-4101
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1
19:32 KSA
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 under certain load conditions could allow an attacker to…
CVE-2026-4347
The MW WP Form plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via
19:32 KSA
The MW WP Form plugin for WordPress is vulnerable to arbitrary file moving due to insufficient file path validation via the 'generate_user_filepath' function and the 'move_temp_file_to_upload_dir' function in all versions up to, and including, 5.1.0. This makes it possible for un…
CVE-2026-4350
The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to,
04:54 KSA
The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, and including, 2.5.9.1. This is due to the `PMCS::action_handler()` method processing the `$_GET['delete']` parameter without any sanitization, authorization ch…
CVE-2026-4351
The Perfmatters plugin for WordPress is vulnerable to arbitrary file overwrite via path traversal in all versions up to,
03:48 KSA
The Perfmatters plugin for WordPress is vulnerable to arbitrary file overwrite via path traversal in all versions up to, and including, 2.5.9. This is due to the `PMCS::action_handler()` method processing the bulk action `activate`/`deactivate` handlers without any authorization …
CVE-2026-4415
Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is ena
21:26 KSA
Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or priv…
CVE-2026-4718
Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Th
18:01 KSA
Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.
CVE-2026-4896
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is
09:36 KSA
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.7.25 via multiple AJAX actions including `wcfm_modify_order_status`, `de…
CVE-2026-5282
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of
23:50 KSA
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVE-2026-5436
The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1.
00:18 KSA
The MW WP Form plugin for WordPress is vulnerable to Arbitrary File Move/Read in all versions up to and including 5.1.1. This is due to insufficient validation of the $name parameter (upload field key) passed to the generate_user_file_dirpath() function, which uses WordPress's pa…
CVE-2026-5478
The Everest Forms plugin for WordPress is vulnerable to Arbitrary File Read and Deletion in all versions up to, and incl
00:49 KSA
The Everest Forms plugin for WordPress is vulnerable to Arbitrary File Read and Deletion in all versions up to, and including, 3.4.4. This is due to the plugin trusting attacker-controlled old_files data from public form submissions as legitimate server-side upload state, and con…
CVE-2026-5718
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in
20:43 KSA
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to, and including, 1.3.9.6. This is due to insufficient file type validation that occurs when custom blacklist types are configured, which replaces…
CVE-2025-58077
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a
04:01 KSA
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code
via a specially crafted set of network packets containing an excessive number of h…
CVE-2025-58455
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a
04:01 KSA
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected va…
CVE-2025-59482
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a
04:01 KSA
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the …
CVE-2025-59487
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a
04:01 KSA
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. The vulnerability arises from improper validation of a packet field whose offset i…
CVE-2025-59891
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.
04:01 KSA
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due…
CVE-2025-59892
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.
04:01 KSA
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due…
CVE-2025-59893
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.
04:01 KSA
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due…
CVE-2025-59894
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.
04:01 KSA
Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due…
CVE-2025-61944
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a
04:01 KSA
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields wit…
CVE-2025-61983
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a
04:01 KSA
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields wit…
CVE-2025-62404
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a
04:01 KSA
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected va…
CVE-2025-62405
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent a
04:01 KSA
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tmpserver modules) allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the …
CVE-2025-62673
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to ca
04:01 KSA
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 (tdpserver modules) allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects A…
CVE-2025-7016
Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Aut
04:01 KSA
Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Authentication Abuse.This issue affects QR Menu: before s1.05.12.
CVE-2026-0403
An insufficient input validation vulnerability in NETGEAR Orbi routers
allows attackers connected to the router's LAN t
04:01 KSA
An insufficient input validation vulnerability in NETGEAR Orbi routers
allows attackers connected to the router's LAN to execute OS command
injections.
CVE-2026-0404
An insufficient input validation vulnerability in NETGEAR Orbi devices'
DHCPv6 functionality allows network adjacent at
04:01 KSA
An insufficient input validation vulnerability in NETGEAR Orbi devices'
DHCPv6 functionality allows network adjacent attackers authenticated
over WiFi or on LAN to execute OS command injections on the router.
DHCPv6 is not enabled by default.
CVE-2026-0406
An insufficient input validation vulnerability in the NETGEAR XR1000v2
allows attackers connected to the router's LAN t
04:01 KSA
An insufficient input validation vulnerability in the NETGEAR XR1000v2
allows attackers connected to the router's LAN to execute OS command
injections.
CVE-2026-0407
An insufficient authentication vulnerability in NETGEAR WiFi range
extenders allows a network adjacent attacker with Wi
04:01 KSA
An insufficient authentication vulnerability in NETGEAR WiFi range
extenders allows a network adjacent attacker with WiFi authentication or
a physical Ethernet port connection to bypass the authentication
process and access the admin panel.
CVE-2026-0408
A path traversal vulnerability in NETGEAR WiFi range extenders allows
an attacker with LAN authentication to access the
04:01 KSA
A path traversal vulnerability in NETGEAR WiFi range extenders allows
an attacker with LAN authentication to access the router's IP and
review the contents of the dynamically generated webproc file, which
records the username and password submitted to the router GUI.
CVE-2026-0630
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent
authenticated
attack
04:01 KSA
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent
authenticated
attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise …
CVE-2026-0631
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows an adjacent
authenticated
att
04:01 KSA
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows an adjacent
authenticated
attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromi…
CVE-2026-20155
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow a
19:32 KSA
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with low privileges to access sensitive information that they are not authorized to access.
This vulnerability is due to imp…
CVE-2026-20764
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker
04:30 KSA
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
providing malicious input via the device hostname configuration which
is later processed during system setup…
CVE-2026-21229
Improper input validation in Power BI allows an authorized attacker to execute code over a network.
04:01 KSA
Improper input validation in Power BI allows an authorized attacker to execute code over a network.
CVE-2026-21257
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio
04:01 KSA
Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot and Visual Studio allows an authorized attacker to elevate privileges over a network.
CVE-2026-22221
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent
authenticated
attack
04:01 KSA
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent
authenticated
attacker
execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise o…
CVE-2026-22222
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent
authenticated
attack
04:01 KSA
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent
authenticated
attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise …
CVE-2026-22223
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent
authenticated
attack
04:01 KSA
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent
authenticated
attacker
execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise o…
CVE-2026-23702
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker
04:30 KSA
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
sending malicious input injected into the server username field of the
import preconfiguration action in the…
CVE-2026-24010
Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versi
04:01 KSA
Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions prior to 1.5.0, with Social Engineering, allows authenticated users to deploy phishing attacks. By uploading a malicious HTML file disguised as a profile pi…
CVE-2026-24129
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versi
04:01 KSA
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames.…
CVE-2026-24452
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker
04:30 KSA
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
supplying a crafted template file to the devices route.
CVE-2026-24840
Dokploy is a free, self-hostable Platform as a Service (PaaS). In versions prior to 0.26.6, a hardcoded credential in th
04:01 KSA
Dokploy is a free, self-hostable Platform as a Service (PaaS). In versions prior to 0.26.6, a hardcoded credential in the provided installation script (located at https://dokploy.com/install.sh, line 154) uses a hardcoded password when creating the database container. This means …
CVE-2026-25037
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker
04:30 KSA
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
configuring a maliciously crafted LCD state which is later processed
during system setup, enabling remote c…
CVE-2026-25105
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated atta
04:30 KSA
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into parameters of the Modbus command tool in
the debug route.
CVE-2026-25172
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to exec
03:13 KSA
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2026-25173
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to exec
03:13 KSA
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
CVE-2026-25196
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker
04:30 KSA
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the Wi-Fi SSID and/or password fields
can lead to remote code execution when …
CVE-2026-25721
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker
04:30 KSA
An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into the server username and/or password
fields of the restore action in the API V…
CVE-2026-27509
Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorizati
05:22 KSA
Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, unauthenticated attacker can join DD…
CVE-2026-27912
Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.
21:54 KSA
Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.
CVE-2026-3037
An OS command injection vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling an authenticated attacker t
04:30 KSA
An OS command injection vulnerability exists in XWEB Pro version 1.12.1
and prior, enabling an authenticated attacker to achieve remote code
execution on the system by modifying malicious input injected into the
MBird SMS service URL and/or code via the utility route which is …
CVE-2026-30814
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attac
02:16 KSA
A stack-based buffer overflow in the tmpServer module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to trigger a segmentation fault and potentially execute arbitrary code via a specially crafted configuration file. Successful exploitation may cause a crash…
CVE-2026-30815
An OS command injection vulnerability in the OpenVPN module
of TP-Link Archer AX53 v1.0 allows an authenticated adjacent
02:16 KSA
An OS command injection vulnerability in the OpenVPN module
of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may …
CVE-2026-30818
An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent
02:16 KSA
An OS command injection vulnerability in the dnsmasq module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute arbitrary code when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may a…
CVE-2026-3108
Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-cont
03:24 KSA
Mattermost versions 11.2.x
CVE-2026-32172
Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.
13:36 KSA
Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.
⚠️ Threat Intelligence
1 threats
rss:BleepingComputer
—
20:54 KSA
American utility firm Itron discloses breach of internal IT network
Itron, a major American utility company, disclosed a cybersecurity breach affecting its internal IT network through an SEC filing. An unauthorized third party gained access to certain internal s…
📰 Cybersecurity News
0 articles
No news aggregated today yet
This digest is updated automatically every day — Last updated: Sunday, April 26, 2026
CVE Archive ·
Threats ·
News