CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-4946 Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in arbitrary command execution when an analyst interacts with the UI... | 8.8 | HIGH | — | 0 |
| CVE-2026-4043 A security vulnerability has been detected in Tenda i12 1.0.0.6(2204). The impacted element is the function formwrlSSIDget of the file /goform/wifiSSIDget. Such manipulation of the argument index lead... | 8.8 | HIGH | — | 0 |
| CVE-2026-4677 Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity... | 8.8 | HIGH | — | 0 |
| CVE-2025-67037 An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "tunnel" parameter when killing a tunnel connection. Injected commands are executed wi... | 8.8 | HIGH | — | 0 |
| CVE-2026-3976 A weakness has been identified in Tenda W3 1.0.0.3(2204). Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the component POST Parameter Handler. Executing a manipu... | 8.8 | HIGH | — | 0 |
| CVE-2026-4678 Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | 8.8 | HIGH | — | 0 |
| CVE-2025-41660 A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution. | 8.8 | HIGH | — | 0 |
| CVE-2026-4679 Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | 8.8 | HIGH | — | 0 |
| CVE-2026-3801 A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/pin... | 8.8 | HIGH | — | 0 |
| CVE-2026-4680 Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | 8.8 | HIGH | — | 0 |
| CVE-2026-4460 Out of bounds read in Skia in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | 8.8 | HIGH | — | 0 |
| CVE-2025-67036 An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The Log Info page allows users to see log files by specifying their names. Due to a missing sanitization in the file name parameter, an authenti... | 8.8 | HIGH | — | 0 |
| CVE-2026-3679 A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex. Such manipulation of the argument mit_linktype/PPPO... | 8.8 | HIGH | — | 0 |
| CVE-2024-55022 Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to contain an authenticated command injection vulnerability via the HMI Name parameter. | 8.8 | HIGH | — | 0 |
| CVE-2026-3768 A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO le... | 8.8 | HIGH | — | 0 |
| CVE-2026-32051 OpenClaw versions prior to 2026.3.1 contain an authorization mismatch vulnerability that allows authenticated callers with operator.write scope to invoke owner-only tool surfaces including gateway and... | 8.8 | HIGH | — | 0 |
| CVE-2026-33647 WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `ImageGallery::saveFile()` method validates uploaded file content using `finfo` MIME type detection but derives ... | 8.8 | HIGH | — | 0 |
| CVE-2026-3678 A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434 of the file /goform/AdvSetWan. This manipulation of the argument wanmode/PPPOEPassword causes stack-based buff... | 8.8 | HIGH | — | 0 |
| CVE-2026-30875 Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import feature allows authenticated users with Teacher role to achieve Remote C... | 8.8 | HIGH | — | 0 |
| CVE-2026-24283 Heap-based buffer overflow in Windows File Server allows an authorized attacker to elevate privileges locally. | 8.8 | HIGH | — | 0 |
| CVE-2026-33053 Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the delete_api_key_route() endpoint accepts an api_key_id path parameter and deletes it with ... | 8.8 | HIGH | — | 0 |
| CVE-2026-33648 WWBN AVideo is an open source video platform. In versions up to and including 26.0, the restreamer endpoint constructs a log file path by embedding user-controlled `users_id` and `liveTransmitionHisto... | 8.8 | HIGH | — | 0 |
| CVE-2026-27040 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through <= 14.0.31. | 8.8 | HIGH | — | 0 |
| CVE-2026-3769 A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function WrlclientSet of the file /goform/WrlclientSet. The manipulation of the argument GO results in stack-based buf... | 8.8 | HIGH | — | 0 |
| CVE-2026-31828 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.13 and 8.6.26, the LDAP authentication adapter is vulnerable to LDAP inject... | 8.8 | HIGH | — | 0 |
| CVE-2025-50881 The `flow/admin/moniteur.php` script in Use It Flow administration website before 10.0.0 is vulnerable to Remote Code Execution. When handling GET requests, the script takes user-supplied input from t... | 8.8 | HIGH | — | 0 |
| CVE-2026-32950 SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a critical SQL Injection vulnerability in the /api/v1/datasource/uploadExcel endpoin... | 8.8 | HIGH | — | 0 |
| CVE-2026-26106 Improper input validation in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. | 8.8 | HIGH | — | 0 |
| CVE-2026-4462 Out of bounds read in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | 8.8 | HIGH | — | 0 |
| CVE-2026-33289 SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Prior to versions 7.15.1 and 8.9.3, an LDAP Injection vulnerability exists in the SuiteCRM aut... | 8.8 | HIGH | — | 0 |
| CVE-2026-32060 OpenClaw versions prior to 2026.2.14 contain a path traversal vulnerability in apply_patch that allows attackers to write or delete files outside the configured workspace directory. When apply_patch i... | 8.8 | HIGH | — | 0 |
| CVE-2026-4318 A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buf... | 8.8 | HIGH | — | 0 |
| CVE-2026-5024 A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-base... | 8.8 | HIGH | — | 0 |
| CVE-2026-5036 A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation ... | 8.8 | HIGH | — | 0 |
| CVE-2026-27894 LDAP Account Manager (LAM) is a webfrontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. Prior to version 9.5, a local file inclusion was detected in the PDF e... | 8.8 | HIGH | — | 0 |
| CVE-2026-1463 The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.3 via the 'template' parameter in... | 8.8 | HIGH | — | 0 |
| CVE-2026-33479 WWBN AVideo is an open source video platform. In versions up to and including 26.0, the Gallery plugin's `saveSort.json.php` endpoint passes unsanitized user input from `$_REQUEST['sections']` array v... | 8.8 | HIGH | — | 0 |
| CVE-2026-25360 Deserialization of Untrusted Data vulnerability in rascals Vex vex allows Object Injection.This issue affects Vex: from n/a through < 1.2.9. | 8.8 | HIGH | — | 0 |
| CVE-2026-4314 The 'The Ultimate WordPress Toolkit – WP Extended' plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.4. This is due to the `isDashboardOrProfileReque... | 8.8 | HIGH | — | 0 |
| CVE-2026-4815 A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls[0][message_ids][]' parameter in '... | 8.8 | HIGH | — | 0 |
| CVE-2026-33075 FastGPT is an AI Agent building platform. In versions 4.14.8.3 and below, the fastgpt-preview-image.yml workflow is vulnerable to arbitrary code execution and secret exfiltration by any external contr... | 8.8 | HIGH | — | 0 |
| CVE-2026-33124 Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Versions prior to 0.17.0-beta1 allow any authenticated user to change their own password without verifyin... | 8.8 | HIGH | — | 0 |
| CVE-2026-25358 Deserialization of Untrusted Data vulnerability in rascals Meloo meloo allows Object Injection.This issue affects Meloo: from n/a through < 2.8.2. | 8.8 | HIGH | — | 0 |
| CVE-2026-25359 Deserialization of Untrusted Data vulnerability in rascals Pendulum pendulum allows Object Injection.This issue affects Pendulum: from n/a through < 3.1.5. | 8.8 | HIGH | — | 0 |
| CVE-2026-3334 The CMS Commander plugin for WordPress is vulnerable to SQL Injection via the 'or_blogname', 'or_blogdescription', and 'or_admin_email' parameters in all versions up to, and including, 2.288. This is ... | 8.8 | HIGH | — | 0 |
| CVE-2026-32756 Admidio is an open-source user management solution. Versions 5.0.6 and below contain a critical unrestricted file upload vulnerability in the Documents & Files module. Due to a design flaw in how CSRF... | 8.8 | HIGH | — | 0 |
| CVE-2023-43010 The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Pr... | 8.8 | HIGH | — | 0 |
| CVE-2026-4261 The Expire Users plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.2. This is due to the plugin allowing a user to update the 'on_expire_default_to_r... | 8.8 | HIGH | — | 0 |
| CVE-2026-4566 A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-base... | 8.8 | HIGH | — | 0 |
| CVE-2025-67034 An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An authenticated attacker can inject OS commands into the "name" parameter when deleting SSL credentials through the management interface. Injec... | 8.8 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.