CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-7217 A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function read_docx/read_xlsx/read_pptx/list_xlsx_sheets/read_pdf of the file packages/mcp-off... | 5.3 | MEDIUM | β | 0 |
| CVE-2016-20051 Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34443 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.211, checkIpByMask() in app/Misc/Helper.php checks whether the input IP contains a / character. ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-4911 The Booking Package plugin for WordPress is vulnerable to Price Manipulation in versions up to, and including, 1.7.06 This is due to the intentForStripe() function passing user-controlled $_POST['amou... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-7271 A vulnerability was detected in DV0x creative-ad-agent up to 751b9e5146604dc65049bd0f62dcbdad6212f8a3. Impacted is an unknown function of the file server/sdk-server.ts of the component creative-ad-age... | 5.3 | MEDIUM | β | 0 |
| CVE-2025-14944 The Backup Migration plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.0.0. This is due to a missing capability check on the 'initializeOfflineAjax' f... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-3646 The LTL Freight Quotes β R+L Carriers Edition plugin for WordPress is vulnerable to Missing Authorization via the plugin's webhook handler in all versions up to, and including, 3.3.13. This is due to ... | 5.3 | MEDIUM | β | 0 |
| CVE-2024-53828 Ericsson Packet Core Controller (PCC) versions prior to 1.38 contain a vulnerability where an attacker sending a large volume of specially crafted messages may cause service degradation. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-2696 The Export All URLs WordPress plugin before 5.1 generates CSV filenames containing posts URLS (including private posts) in a predictable pattern using a random 6-digit number. These files are stored i... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-1797 The Appointment Booking and Scheduler Plugin β Truebooker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 through views php files. This... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-21726 The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences after a single URL decode, by double encoding, an attacker can read files at the Ruler API endpoint /loki/api/v1/r... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-41363 OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal vulnerability in the Feishu extension resolveUploadInput function that bypasses file-system sandbox restrictions. Attackers can ex... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-42034 Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, for stream request bodies, maxBodyLength is bypassed when maxRedirects is set to 0 (native http/https tran... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-32492 Authentication Bypass by Spoofing vulnerability in Joe Dolson My Tickets my-tickets allows Identity Spoofing.This issue affects My Tickets: from n/a through <= 2.1.1. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-35452 WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpo... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-32028 OpenClaw versions prior to 2026.2.25 fail to enforce dmPolicy and allowFrom authorization checks on Discord direct-message reaction notifications, allowing non-allowlisted users to enqueue reaction-de... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-32029 OpenClaw versions prior to 2026.2.21 improperly parse the left-most X-Forwarded-For header value when requests originate from configured trusted proxies, allowing attackers to spoof client IP addresse... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-33690 WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `getRealIpAddr()` function in `objects/functions.php` trusts user-controlled HTTP headers to determine the clien... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-5502 The Tutor LMS β eLearning and online course solution plugin for WordPress is vulnerable to unauthorized course content manipulation in versions up to and including 3.9.8. This is due to a missing auth... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-33763 WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `get_api_video_password_is_correct` API endpoint allows any unauthenticated user to verify whether a given passw... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-5022 The '/api/v1/files/images/{flow_id}/{file_name}' endpoint does not enforce any authentication or authorization checks, allowing any unauthenticated user to download images belonging to any flow by kno... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-20996 Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-33722 n8n is an open source workflow automation platform. Prior to versions 2.6.4 and 1.123.23, an authenticated user without permission to list external secrets could reference a secret by the external nam... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34368 WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `transferBalance()` method in `plugin/YPTWallet/YPTWallet.php` contains a Time-of-Check-Time-of-Use (TOCTOU) rac... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-20692 A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. "Hide IP Address... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-33769 Astro is a web framework. From version 2.10.10 to before version 5.18.1, this issue concerns Astro's remotePatterns path enforcement for remote URLs used by server-side fetchers such as the image opti... | 5.3 | MEDIUM | β | 0 |
| CVE-2025-13822 MCPHub in versions belowΒ 0.11.0 is vulnerable to authentication bypass. Some endpoints are not protected by authentication middleware, allowing an unauthenticated attacker to perform actions in the na... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-34411 Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticated attackers can query endpoints like /api/v1/consolidated-api/view and /api/v1/... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-33219 NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a malicious client which can connect to the WebSockets port can ca... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-2519 The Online Scheduling and Appointment Booking System β Bookly plugin for WordPress is vulnerable to price manipulation via the 'tips' parameter in all versions up to, and including, 27.0. This is due ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-35040 fast-jwt provides fast JSON Web Token (JWT) implementation. Prior to 6.2.1, using certain modifiers on RegExp objects in the allowedAud, allowedIss, allowedSub, allowedJti, or allowedNonce options in ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-5886 Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromi... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-41345 OpenClaw before 2026.3.31 contains a credential exposure vulnerability in media download functionality that forwards Authorization headers across cross-origin redirects. Attackers can exploit this by ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-0394 When dovecot has been configured to use per-domain passwd files, and they are placed one path component above /etc, or slash has been added to allowed characters, path traversal can happen if the doma... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-39644 Missing Authorization vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wp Ultimate Review: from ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-6498 The Five Star Restaurant Reservations plugin for WordPress is vulnerable to a payment bypass via PHP type juggling in versions up to, and including, 2.7.16 This is due to the valid_payment() function ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-6767 Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-33948 jq is a command-line JSON processor. Commits before 6374ae0bcdfe33a18eb0ae6db28493b1f34a0a5b contain a vulnerability where CLI input parsing allows validation bypass via embedded NUL bytes. When readi... | 5.3 | MEDIUM | β | 0 |
| CVE-2025-59028 When sending invalid base64 SASL data, login process is disconnected from the auth server, causing all active authentication sessions to fail. Invalid BASE64 data can be used to DoS a vulnerable serve... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-32396 Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team: from n/a through <= 5.0.13. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-27859 A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU t... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-32395 Missing Authorization vulnerability in Xpro Xpro Addons For Beaver Builder β Lite xpro-addons-beaver-builder-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issu... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-41400 OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-st... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-5335 The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-39365 Vite is a frontend tooling framework for JavaScript. From 6.0.0 to before 6.4.2, 7.3.2, and 8.0.5, the dev serverβs handling of .map requests for optimized dependencies resolves file paths and calls r... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-3979 A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function js_iterator_concat_return of the file quickjs.c. This manipulation causes use after free. The attack requires local ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-3994 A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X86_64::initialize_sections of the file src/input-files.cc of the component Object File ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-6765 Information disclosure in the Form Autofill component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-41391 OpenClaw before 2026.3.31 fails to properly sanitize PIP_INDEX_URL and UV_INDEX_URL environment variables in host execution contexts, allowing attackers to redirect Python package-index traffic. Attac... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-4015 A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead... | 5.3 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.