CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-40896 The server certificate was not verified when an Arc agent connected to a Guardian or CMC. A malicious actor could perform a man-in-the-middle attack and intercept the communication between the Arc ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-23817 A vulnerability in the web-based management interface of AOS-CX Switches could allow an unauthenticated remote attacker to redirect users to an arbitrary URL. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-28685 Kimai is a web-based multi-user time-tracking application. Prior to version 2.51.0, "GET /api/invoices/{id}" only checks the role-based view_invoice permission but does not verify the requesting user ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-28552 Out-of-bounds write vulnerability in the IMS module.Β Impact: Successful exploitation of this vulnerability may affect availability. | 6.5 | MEDIUM | β | 0 |
| CVE-2025-59787 2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input... | 6.5 | MEDIUM | β | 0 |
| CVE-2024-43766 In multiple functions of btm_ble_sec.cc, there is a possible unencrypted communication due to Invalid error handling. This could lead to remote (proximal/adjacent) information disclosure with no addit... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-12801 A vulnerability was recently discovered in the rpc.mountd daemon in the nfs-utils package for Linux, that allows a NFSv3 client to escalate the privileges assigned to it in the /etc/exports file at mo... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-2256 A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived inp... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-28557 wpForo Forum 2.4.14 contains a missing capability check vulnerability that allows authenticated users to trigger bulk wpForo usergroup reassignment via the wpforo_synch_roles AJAX handler. Attackers a... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27954 Live Helper Chat is an open-source application that enables live support websites. In versions up to and including 4.52, three chat action endpoints (holdaction.php, blockuser.php, and transferchat.p... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27943 OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, the eye exam (eye_mag) view loads data by `form_id` (or ... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-47371 Transient DOS when an LTE RLC packet with invalid TB is received by UE. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27129 Craft is a content management system (CMS). In versions 4.5.0-RC1 through 4.16.18 and 5.0.0-RC1 through 5.8.22, the SSRF validation in Craft CMSβs GraphQL Asset mutation uses `gethostbyname()`, which ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-29606 OpenClaw versions prior to 2026.2.14 contain a webhook signature-verification bypass in the voice-call extension that allows unauthenticated requests when the tunnel.allowNgrokFreeTierLoopbackBypass o... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-28412 Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server imposes no limit on concurrent connections. Combined with a broadcast timer that sends state to... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27946 ZITADEL is an open source identity management platform. Prior to versions 4.11.1 and 3.4.7, a vulnerability in Zitadel's self-management capability allowed users to mark their email and phone as verif... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-28781 Craft is a content management system (CMS). Prior to 4.17.0-beta.1 and 5.9.0-beta.1, the entry creation process allows for Mass Assignment of the authorId attribute. A user with "Create Entries" permi... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27945 ZITADEL is an open source identity management platform. Zitadel Action V2 (introduced as early preview in 2.59.0, beta in 3.0.0 and GA in 4.0.0) is a webhook based approach to allow developers act on ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27829 Astro is a web framework. In versions 9.0.0 through 9.5.3, a bug in Astro's image pipeline allows bypassing `image.domains` / `image.remotePatterns` restrictions, enabling the server to fetch content ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27362 Missing Authorization vulnerability in kamleshyadav WP Bakery Autoresponder Addon vc-autoresponder-addon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP B... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27354 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace WooCommerce Coming Soon Product with Countdown woo-coming-soon-product allows Store... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-20001 A vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to inade... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-28481 OpenClaw versions 2026.1.30 and earlier, contain an information disclosure vulnerability, patched in 2026.2.1, in the MS Teams attachment downloader (optional extension must be enabled) that leaks bea... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-2984 A vulnerability was identified in SourceCodester Student Result Management System 1.0. This affects an unknown function of the file /admin/core/drop_user.php. Such manipulation of the argument ID lead... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-70044 An issue pertaining to CWE-295: Improper Certificate Validation was discovered in fofolee uTools-quickcommand 5.0.3. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27514 Shenzhen Tenda F3 Wireless RouterΒ firmware V12.01.01.55_multi contains a sensitive information exposure vulnerability in the configuration download functionality. The configuration download response i... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-28038 Missing Authorization vulnerability in Brainstorm_Force Ultimate Addons for WPBakery Page Builder ultimate_vc_addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue ... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-27555 Airflow versions before 2.11.1 have a vulnerability that allows authenticated users with audit log access to see sensitive values in audit logs which they should not see. When sensitive connection par... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-23969 Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execution of potentially sensitive SQL functions within SQL Lab and charts. While this feature included re... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-2698 An improper access control vulnerability exists where an authenticated user could access areas outside of their authorized scope. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-23980 Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') vulnerability in Apache Superset allows an authenticated user with read access to conduct error-based SQL injection ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-23521 Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain an issue in which authenticated users who can create or edit devices can set a device `uniqueId` to an absolu... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-20064 A vulnerability in of Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) con... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-23982 An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prev... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-28480 OpenClaw versions prior to 2026.2.14 contain an authorization bypass vulnerability where Telegram allowlist matching accepts mutable usernames instead of immutable numeric sender IDs. Attackers can sp... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-23983 A Sensitive Data Exposure vulnerability exists in Apache Superset allowing authenticated users to retrieve sensitive user information. The Tag endpoint (disabled by default) allows users to retrieve a... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-20036 A vulnerability in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with valid administrative privileges to execute arbitrary comm... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-23984 An Improper Input Validation vulnerability exists in Apache Superset that allows an authenticated user with SQLLab access to bypass the read-only verification check when using a PostgreSQL database co... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-2845 An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an authenticated user to cause denial of... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27015 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, a missing bounds check in `smartcard_unpack_read_size_align()` (`libfreerdp/utils/smartcard_pack.c:1703`) allo... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-24896 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMRβs edih_main.php... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-3525 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have, under certain circumstances, allowed an authen... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-25930 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the Layout-Based Form (LBF) printable view accepts `formid` and `visiti... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27567 Payload is a free and open source headless content management system. Prior to 3.75.0, a Server-Side Request Forgery (SSRF) vulnerability exists in Payload's external file upload functionality. When p... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-25929 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the document controllerβs `patient_picture` context serves the patientβ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27611 FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to versions 1.1.3-stable and 1.2.6-beta, when users share password-protected files, the recipient can completely bypass the pa... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27609 Parse Dashboard is a standalone dashboard for managing Parse Server apps. In versions 7.3.0-alpha.42 through 9.0.0-alpha.7, the AI Agent API endpoint (`POST /apps/:appId/agent`) lacks CSRF protection.... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-69343 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress theatre allows Stored XSS.This issue affects Theater for WordP... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-3125 A Server-Side Request Forgery (SSRF) vulnerability was identified in the @opennextjs/cloudflare package, resulting from a path normalization bypass in the /cdn-cgi/image/ handler.The @opennextjs/cloud... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-23799 Missing Authorization vulnerability in Themeum Tutor LMS tutor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tutor LMS: from n/a through <= 3.9.5. | 6.5 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.