CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-23636 Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, the manager of a form could potentially exploit an Unrestricted Upload of File with Dangerous Type due... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23337 In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config() In pinconf_generic_parse_dt_config(), if parse_dt_c... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-32218 Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23157 In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 p... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23154 In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKB_GSO_DODGY f... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23141 In the Linux kernel, the following vulnerability has been resolved: btrfs: send: check for inline extents in range_is_hole_in_parent() Before accessing the disk_bytenr field of a file extent item we... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-23070 In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes (supported, advertised) and EEPROM data in s... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31595 In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Stop cmd_handler work in epf_ntb_epc_cleanup Disable the delayed work before clearing BAR mappings an... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31610 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix mechToken leak when SPNEGO decode fails after token alloc The kernel ASN.1 BER decoder calls action callbacks increment... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31585 In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix nfeeds state corruption on start_streaming failure syzbot reported a memory leak in vidtv_psi_service_desc_init ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31599 In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix NULL pointer dereference in vidtv_channel_pmt_match_sections syzbot reported a general protection fault in vidtv... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31604 In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while t... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31625 In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer dereference in alps_raw_event() Commit ecfa6f34492c ("HID: Add HID_CLAIMED_INPUT guards in raw_event c... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31596 In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2_group_extend [BUG] kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 [#1] SMP ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31617 In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() The block_len read from the host-supplied NTB header is checked... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-33911 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the POST parameter `title` is reflected back in a JSON response built... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-2973 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to execute arb... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-34749 Payload is a free and open source headless content management system. Prior to version 3.79.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the authentication flow. Under certain condit... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-34590 Postiz is an AI social media scheduling tool. Prior to version 2.21.4, the POST /webhooks/ endpoint for creating webhooks uses WebhooksDto which validates the url field with only @IsUrl() (format chec... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-34848 hoppscotch is an open source API development ecosystem. Prior to version 2026.3.0, there is a stored XSS vulnerability in the team member overflow tooltip via display name. This issue has been patched... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-3106 Blind Cross-Site Scripting (XSS) in Teampass, versions prior to 3.1.5.16, within the password manager login functionality in the 'contraseΓ±a' parameter of the login form 'redacted/index.php'. During f... | 5.4 | MEDIUM | β | 0 |
| CVE-2025-70365 A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user c... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-40071 pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev97, the /json/package_order, /json/link_order, and /json/abort_link WebUI JSON endpoints enforce weaker permiss... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-33119 User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network. | 5.4 | MEDIUM | β | 0 |
| CVE-2026-33726 Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8, and 1.19.2, Ingress Network Policies are not enforced for traffic from pod... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-2804 Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148 and Thunderbird 148. | 5.4 | MEDIUM | β | 0 |
| CVE-2026-32893 Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, a Reflected Cross-Site Scripting (XSS) vulnerability in the exercise question list admin panel allows an attacker to execute arbitrary... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-7024 A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServle... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-27387 Missing Authorization vulnerability in Designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a t... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-4274 Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to restrict team-level access when processing membership sync from a remote cluster, which allows a m... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-34429 Vvveb prior toΒ 1.0.8.1 contains a stored cross-site scripting vulnerability that allows authenticated users with media upload and rename permissions to execute arbitrary JavaScript by bypassing MIME t... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-41233 Froxlor is open source server administration software. Prior to version 2.3.6, in `Domains.add()`, the `adminid` parameter is accepted from user input and used without validation when the calling rese... | 5.4 | MEDIUM | β | 0 |
| CVE-2025-14912 IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system,... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-33889 ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in the @apostrophecms/color-field module, where color v... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-34451 Claude SDK for TypeScript provides access to the Claude API from server-side TypeScript or JavaScript applications. From version 0.79.0 to before version 0.81.0, the local filesystem memory tool in th... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-5026 The '/api/v1/files/images/{flow_id}/{file_name}' endpoint serves SVG files with the 'image/svg+xml' content type without sanitizing their content. Since SVG files can contain embedded JavaScript, an ... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-33400 Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.7.0, a stored cross-site scripting (XSS) vulnerability in the payment method rename endpoint allows any authen... | 5.4 | MEDIUM | β | 0 |
| CVE-2025-70033 An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | 5.4 | MEDIUM | β | 0 |
| CVE-2026-34624 Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environm... | 5.4 | MEDIUM | β | 0 |
| CVE-2025-15445 The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged opera... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-34475 Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or auth... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-40112 PraisonAI is a multi-agent teams system. Prior to 4.5.128, the Flask API endpoint in src/praisonai/api.py renders agent output as HTML without effective sanitization. The _sanitize_html function relie... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-4065 The Smart Slider 3 plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on multiple wp_ajax_smart-slider3 controller actions in all versi... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-33915 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, five insurance company REST API routes are missing the `RestConfig::r... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-2864 A vulnerability has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. This affects the function pictureDelete of the file PictureController.ja... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-4332 GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed ... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-2863 A flaw has been found in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. The impacted element is the function deleteFile of the file FileServiceImpl.java.... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-41466 ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the checkValidHtmlText() function within Security.php that fails to properly sanitize user input by only de... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-41467 ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the file upload functionality where the checkValidFileName() function fails to restrict HTML and HTM file u... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-7145 A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component Invita... | 5.4 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.