CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-4598 Versions of the package jsrsasign before 11.1.1 are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative in... | 7.5 | HIGH | β | 0 |
| CVE-2026-2471 The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. Thi... | 7.5 | HIGH | β | 0 |
| CVE-2026-3805 When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory. | 7.5 | HIGH | β | 0 |
| CVE-2026-29039 changedetection.io is a free open source web page change detection tool. Prior to version 0.54.4, the changedetection.io application allows users to specify XPath expressions as content filters via th... | 7.5 | HIGH | β | 0 |
| CVE-2025-70028 An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | 7.5 | HIGH | β | 0 |
| CVE-2025-63912 Cohesity TranZman Migration Appliance Release 4.0 Build 14614 was discovered to use a weak cryptography algorithm for data encryption, allowing attackers to trivially reverse the encyption and expose ... | 7.5 | HIGH | β | 0 |
| CVE-2026-33064 Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm... | 7.5 | HIGH | β | 0 |
| CVE-2026-32701 Qwik is a performance-focused JavaScript framework. Versions prior to 1.19.2 improperly inferred arrays from dotted form field names during FormData parsing. By submitting mixed array-index and object... | 7.5 | HIGH | β | 0 |
| CVE-2026-24308 Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the clie... | 7.5 | HIGH | β | 0 |
| CVE-2026-4602 Versions of the package jsrsasign before 11.1.1 are vulnerable to Incorrect Conversion between Numeric Types due to handling negative exponents in ext/jsbn2.js. An attacker can force the computation o... | 7.5 | HIGH | β | 0 |
| CVE-2026-32130 ZITADEL is an open source identity management platform. From 2.68.0 to before 3.4.8 and 4.12.2, Zitadel provides a System for Cross-domain Identity Management (SCIM) API to provision users from extern... | 7.5 | HIGH | β | 0 |
| CVE-2026-31899 CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via recursive <use> element amplification in cairosvg/defs.py. This causes... | 7.5 | HIGH | β | 0 |
| CVE-2026-1708 The Appointment Booking Calendar β Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection in all versions up to, and including, 1.6.9.27. This is due to ... | 7.5 | HIGH | β | 0 |
| CVE-2026-28414 Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that en... | 7.5 | HIGH | β | 0 |
| CVE-2026-28400 Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime fla... | 7.5 | HIGH | β | 0 |
| CVE-2026-33012 Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Versions 4.7.0 through 4.10.16 used an unbounded ConcurrentHashMap cache ... | 7.5 | HIGH | β | 0 |
| CVE-2026-28429 Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871, a Path Traversal vulnerability was identified in the gameName parameter. While the application's primary entry points implement... | 7.5 | HIGH | β | 0 |
| CVE-2026-30933 FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-beta and 1.2.2-stable, the remediation for CVE-2026-27611 is incomplete. Password protected shares still disclose tok... | 7.5 | HIGH | β | 0 |
| CVE-2026-32256 music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser (`parseExtensionObject()` in `lib/asf/AsfParser.ts:112-158`) enters an infini... | 7.5 | HIGH | β | 0 |
| CVE-2026-27640 tfplan2md is software for converting Terraform plan JSON files into human-readable Markdown reports. Prior to version 1.26.1, a bug in tfplan2md affected several distinct rendering paths: AzApi resour... | 7.5 | HIGH | β | 0 |
| CVE-2026-31814 Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. From 0.13.0 to before 0.13.9, a specially crafted WindowUpdate can cause arithmetic overflow in send-window accounting,... | 7.5 | HIGH | β | 0 |
| CVE-2026-32933 AutoMapper is a convention-based object-object mapper in .NET. Versions prior to 15.1.1 and 16.1.1 are vulnerable to a Denial of Service (DoS) attack. When mapping deeply nested object graphs, the lib... | 7.5 | HIGH | β | 0 |
| CVE-2026-2673 Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the 'DEFAULT' keyword. ... | 7.5 | HIGH | β | 0 |
| CVE-2026-2890 The Formidable Forms plugin for WordPress is vulnerable to a payment integrity bypass in all versions up to, and including, 6.28. This is due to the Stripe Link return handler (`handle_one_time_stripe... | 7.5 | HIGH | β | 0 |
| CVE-2026-25501 free5GC SMF provides Session Management Function for free5GC, an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.1, SMF panics due to nil pointer ... | 7.5 | HIGH | β | 0 |
| CVE-2026-31882 Dagu is a workflow engine with a built-in Web user interface. Prior to 2.2.4, when Dagu is configured with HTTP Basic authentication (DAGU_AUTH_MODE=basic), all Server-Sent Events (SSE) endpoints are ... | 7.5 | HIGH | β | 0 |
| CVE-2026-3038 The rtsock_msg_buffer() function serializes routing information into a buffer. As a part of this, it copies sockaddr structures into a sockaddr_storage structure on the stack. It assumes that the so... | 7.5 | HIGH | β | 0 |
| CVE-2026-31894 WeGIA is a web manager for charitable institutions. In 3.6.5, The patched loadBackupDB() extracts tar.gz archives to a temporary directory using PHP's PharData class, then uses glob() and file_get_con... | 7.5 | HIGH | β | 0 |
| CVE-2026-27836 phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF prote... | 7.5 | HIGH | β | 0 |
| CVE-2026-28356 multipart is a fast multipart/form-data parser for python. Prior to 1.2.2, 1.3.1 and 1.4.0-dev, the parse_options_header() function in multipart.py uses a regular expression with an ambiguous alternat... | 7.5 | HIGH | β | 0 |
| CVE-2026-31973 SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are com... | 7.5 | HIGH | β | 0 |
| CVE-2025-61614 In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | 7.5 | HIGH | β | 0 |
| CVE-2026-24485 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the Decod... | 7.5 | HIGH | β | 0 |
| CVE-2026-32596 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.2, Glances web server runs without authentication by default when started with `glances -w`, exposing REST API with sensit... | 7.5 | HIGH | β | 0 |
| CVE-2026-28718 Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186. | 7.5 | HIGH | β | 0 |
| CVE-2026-28691 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an uninitialized pointer dereference vulnerability exists in th... | 7.5 | HIGH | β | 0 |
| CVE-2026-33011 Nest is a framework for building scalable Node.js server-side applications. In versions 11.1.15 and below, a NestJS application using @nestjs/platform-fastify GET middleware can be bypassed because Fa... | 7.5 | HIGH | β | 0 |
| CVE-2026-27603 Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.4, the chart filter endpoint POST /project/:project_... | 7.5 | HIGH | β | 0 |
| CVE-2026-30946 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior 9.5.2-alpha.2 and 8.6.15, an unauthenticated attacker can exhaust Parse Server resources (... | 7.5 | HIGH | β | 0 |
| CVE-2026-25819 HMS Networks Ewon Flexy with firmware before 15.0s4, Cosy+ with firmware 22.xx before 22.1s6, and Cosy+ with firmware 23.xx before 23.0s3 allows unauthenticated attackers to cause a Denial of Service ... | 7.5 | HIGH | β | 0 |
| CVE-2026-24481 ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagi... | 7.5 | HIGH | β | 0 |
| CVE-2026-28799 PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework (evsub.c) that ... | 7.5 | HIGH | β | 0 |
| CVE-2026-27628 pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This h... | 7.5 | HIGH | β | 0 |
| CVE-2026-29078 Lexbor is a web browser engine library. Prior to 2.7.0, the ISOβ2022βJP encoder in Lexbor fails to reset the temporary size variable between iterations. The statement ctx->buffer_used -= size with a s... | 7.5 | HIGH | β | 0 |
| CVE-2026-3658 The Appointment Booking Calendar β Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the 'fields' parameter in all versions up to, and including, 1.6.... | 7.5 | HIGH | β | 0 |
| CVE-2026-23536 A security issue was discovered in the Feast Feature Server's `/read-document` endpoint that allows an unauthenticated remote attacker to read any file accessible to the server process. By sending a s... | 7.5 | HIGH | β | 0 |
| CVE-2026-22182 wpDiscuz before 7.6.47 contains an unauthenticated denial of service vulnerability that allows anonymous users to trigger mass notification emails by exploiting the checkNotificationType() function. A... | 7.5 | HIGH | β | 0 |
| CVE-2026-29611 OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerability in BlueBubbles extension (must be installed and enabled) media path handling that allows attackers to read arbitrary f... | 7.5 | HIGH | β | 0 |
| CVE-2026-27778 The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by... | 7.5 | HIGH | β | 0 |
| CVE-2026-3547 Out-of-bounds read in ALPN parsing due to incomplete validation. wolfSSL 5.8.4 and earlier contained an out-of-bounds read in ALPN handling when built with ALPN enabled (HAVE_ALPN / --enable-alpn). A ... | 7.5 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.