CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID and description | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-4177 YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names ... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-33210 Ruby JSON is a JSON implementation for Ruby. From version 2.14.0 to before versions 2.15.2.1, 2.17.1.2, and 2.19.2, a format string injection vulnerability can lead to denial of service attacks or inf... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-2880 A vulnerability in @fastify/middie versions < 9.2.0 can result in authentication/authorization bypass when using path-scoped middleware (for example, app.use('/secret', auth)). When Fastify router no... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-33186 gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go serve... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-4599 Versions of the package jsrsasign from 7.0.0 and before 11.1.1 are vulnerable to Incomplete Comparison with Missing Factors via the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functio... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-33297 WWBN AVideo is an open source video platform. Prior to version 26.0, the `setPassword.json.php` endpoint in the CustomizeUser plugin allows administrators to set a channel password for any user. Due t... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-33351 WWBN AVideo is an open source video platform. Prior to version 26.0, a Server-Side Request Forgery (SSRF) vulnerability exists in `plugin/Live/standAloneFiles/saveDVR.json.php`. When the AVideo Live p... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-3432 In SimStudio versions below 0.5.74, the `/api/auth/oauth/token` endpoint contains a code path that bypasses all authorization checks when provided with `credentialAccountUserId` and `providerId` par... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-2833 An HTTP request smuggling vulnerability (CWE-444) was found in Pingora's handling of HTTP/1.1 connection upgrades. The issue occurs when a Pingora proxy reads a request containing an Upgrade header, c... | 9.1 | CRITICAL | - | 0 |
| CVE-2025-69615 Incorrect Access Control via missing 2FA rate-limiting allowing unlimited brute-force retries and full MFA bypass with no user interaction required. Affected Product: Deutsche Telekom AG Telekom Accou... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-26279 Froxlor is open source server administration software. Prior to 2.3.4, a typo in Froxlor's input validation code (== instead of =) completely disables email format checking for all settings fields dec... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-24060 Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted, and modified by an attacker. Valuable information such as the File Start Posit... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-23802 Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine ai-engine allows Using Malicious Files. This issue affects AI Engine: from n/a through <= 3.3.2. | 9.1 | CRITICAL | - | 0 |
| CVE-2026-27685 SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentialit... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-28114 Unrestricted Upload of File with Dangerous Type vulnerability in firassaidi WooCommerce License Manager fs-license-manager allows Upload a Web Shell to a Web Server. This issue affects WooCommerce Lice... | 9.1 | CRITICAL | - | 0 |
| CVE-2025-11158 Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6, including 9.3.x and 8.3.x, do not restrict Groovy scripts in new PRPT reports published by users, allowing insertion of a... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-32238 OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.2 contain a Command injection vulnerability in the backup functionality... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-30701 The web interface of the WiFi Extender WDR201A (HW V2.1, FW LFMZX28040922V1.02) contains hardcoded credential disclosure mechanisms (in the form of Server Side Include) within multiple server-side web... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-28697 Craft is a content management system (CMS). Prior to 4.17.0-beta.1 and 5.9.0-beta.1, an authenticated administrator can achieve Remote Code Execution (RCE) by injecting a Server-Side Template Injectio... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-22732 When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that the HTTP Headers will not be written. This issue affects Spring Security:... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-31816 Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.31.4 and earlier, the Budibase server's authorized() middleware that protects every server-side API endpo... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-32817 Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the documents and files module does not verify whether the current user has permission to delete folders or files. ... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-33024 AVideo is a video-sharing Platform. Versions prior to 8.0 contain a Server-Side Request Forgery vulnerability (CWE-918) in the public thumbnail endpoints getImage.php and getImageMP4.php. Both endpoin... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-4753 Out-of-bounds Read vulnerability in slajerek RetroDebugger. This issue affects RetroDebugger: before v0.64.72. | 9.1 | CRITICAL | - | 0 |
| CVE-2026-2835 An HTTP Request Smuggling vulnerability (CWE-444) has been found in Pingora's parsing of HTTP/1.0 and Transfer-Encoding requests. The issue occurs due to improperly allowing HTTP/1.0 request bodies to... | 9.1 | CRITICAL | - | 0 |
| CVE-2025-41764 Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates. | 9.1 | CRITICAL | - | 0 |
| CVE-2025-41765 Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact ... | 9.1 | CRITICAL | - | 0 |
| CVE-2025-66945 A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended direc... | 9.1 | CRITICAL | - | 0 |
| CVE-2026-33749 n8n is an open source workflow automation platform. Prior to versions 1.123.27, 2.13.3, and 2.14.1, an authenticated user with permission to create or modify workflows could craft a workflow that prod... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-32891 Anchorr is a Discord bot for requesting movies and TV shows and receiving notifications when items are added to a media server. Versions 1.4.1 and below contain a stored XSS vulnerability in the Jelly... | 9.0 | CRITICAL | - | 0 |
| CVE-2025-55208 Chamilo is a learning management system. Versions prior to 1.11.34 have a Stored XSS through insecure file uploads in `Social Networks`. Through it, a low-privilege user can execute arbitrary code in ... | 9.0 | CRITICAL | - | 0 |
| CVE-2025-33244 NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier... | 9.0 | CRITICAL | - | 0 |
| CVE-2025-32991 In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution. | 9.0 | CRITICAL | - | 0 |
| CVE-2026-32519 Incorrect Privilege Assignment vulnerability in Bit Apps Bit SMTP bit-smtp allows Privilege Escalation. This issue affects Bit SMTP: from n/a through <= 1.2.2. | 9.0 | CRITICAL | - | 0 |
| CVE-2026-27540 Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture allows Using Malicious Files. This issue affects Woocommerce Wholesale Lead Ca... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-3564 A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scen... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-32703 OpenProject is an open-source, web-based project management software. In versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1, the Repositories module did not properly escape filenames displayed from ... | 9.0 | CRITICAL | - | 0 |
| CVE-2023-27573 netbox-docker before 2.5.0 has a superuser account with default credentials (admin password for the admin account, and 0123456789abcdef0123456789abcdef01234567 value for SUPERUSER_API_TOKEN). In pract... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-27825 MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0, the `confluence_download_attachment` MCP tool accepts a `download_path` pa... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-32751 SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the mobile file tree (MobileFiles.ts) renders notebook names via innerHTML without HTML escaping when processing renameno... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-33067 SiYuan is a personal knowledge management system. Versions 3.6.0 and below render package metadata fields (displayName, description) using template literals without HTML escaping. A malicious package ... | 9.0 | CRITICAL | - | 0 |
| CVE-2025-59542 Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course learning path Settings ... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-27984 Improper Control of Generation of Code ('Code Injection') vulnerability in Marketing Fire Widget Options widget-options allows Code Injection. This issue affects Widget Options: from n/a through <= 4.1... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-33066 SiYuan is a personal knowledge management system. In versions 3.6.0 and below, the backend renderREADME function uses lute.New() without calling SetSanitize(true), allowing raw HTML embedded in Markdo... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-30862 Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.96, a Critical Stored XSS vulnerability exists in the Table Widget (TableWidgetV2). The root cause is a lack of... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-27384 Improper Validation of Specified Quantity in Input vulnerability in BoldGrid W3 Total Cache w3-total-cache allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects W3 Total C... | 9.0 | CRITICAL | - | 0 |
| CVE-2025-59543 Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course description field, an a... | 9.0 | CRITICAL | - | 0 |
| CVE-2026-31889 Shopware is an open commerce platform. Prior to 6.6.10.15 and 6.7.8.1, a vulnerability in the Shopware app registration flow could, under specific conditions, allow attackers to take over the com... | 8.9 | HIGH | - | 0 |
| CVE-2026-30934 FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, Stored XSS is possible via share metadata fields (e.g., title, description) that are rendered ... | 8.9 | HIGH | - | 0 |
| CVE-2026-25737 Budibase is a low code platform for creating internal tools, workflows, and admin panels. In 3.24.0 and earlier, an arbitrary file upload vulnerability exists even though file extension restrictions a... | 8.9 | HIGH | - | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.