TROYANOSYVIRUS

CVE Vulnerabilities

CVE vulnerability database enriched with CISA KEV and NVD data

Total: 6,321 CVEs
CVE ID | CVSS | Severity | KEV | Sightings
CVE-2026-0967

A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can ...

5.5 | MEDIUM | — | 0
CVE-2018-25215

Excel Password Recovery Professional 8.2.0.0 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long string to the 'E-Mail an...

5.5 | MEDIUM | — | 0
CVE-2026-28852

A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionO...

5.5 | MEDIUM | — | 0
CVE-2026-20633

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access user-sensitive data.

5.5 | MEDIUM | — | 0
CVE-2025-55264

HCL Aftermarket DPC is affected by Failure to Invalidate Session on Password Change will allow attacker to access to a session, then they can maintain control over the account despite the password cha...

5.5 | MEDIUM | — | 0
CVE-2026-28877

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be...

5.5 | MEDIUM | — | 0
CVE-2026-27300

Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to discl...

5.5 | MEDIUM | — | 0
CVE-2026-28845

An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.4. An app may be able to access protected user data.

5.5 | MEDIUM | — | 0
CVE-2026-27222

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the ap...

5.5 | MEDIUM | — | 0
CVE-2026-3776

The application does not validate the presence of required appearance (AP) data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code conti...

5.5 | MEDIUM | — | 0
CVE-2026-27301

Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose se...

5.5 | MEDIUM | — | 0
CVE-2026-33205

calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.6.0, a Server-Side Request Forgery vulnerability in the background-image endpoin...

5.5 | MEDIUM | — | 0
CVE-2026-32214

Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.

5.5 | MEDIUM | — | 0
CVE-2026-3777

The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property...

5.5 | MEDIUM | — | 0
CVE-2026-39855

osslsigncode is a tool that implements Authenticode signing and timestamping. Prior to 2.13, an integer underflow vulnerability exists in osslsigncode version 2.12 and earlier in the PE page-hash comp...

5.5 | MEDIUM | — | 0
CVE-2026-32216

Null pointer dereference in Windows Redirected Drive Buffering allows an authorized attacker to deny service locally.

5.5 | MEDIUM | — | 0
CVE-2025-66484

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functio...

5.5 | MEDIUM | — | 0
CVE-2026-20806

Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.

5.5 | MEDIUM | — | 0
CVE-2026-34730

Copier is a library and CLI app for rendering project templates. Prior to version 9.14.1, Copier's _external_data feature allows a template to load YAML files using template-controlled paths. If untru...

5.5 | MEDIUM | — | 0
CVE-2026-21013

Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to access sensitive information.

5.5 | MEDIUM | — | 0
CVE-2026-32215

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

5.5 | MEDIUM | — | 0
CVE-2026-27258

DNG SDK versions 1.7.1 2502 and earlier are affected by an out-of-bounds write vulnerability that could lead to application denial-of-service. An attacker could leverage this vulnerability to corrupt ...

5.5 | MEDIUM | — | 0
CVE-2026-32218

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

5.5 | MEDIUM | — | 0
CVE-2018-25229

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the SMTP configuration interface that allows local attackers to crash the application by supplying an oversized string....

5.5 | MEDIUM | — | 0
CVE-2019-25649

River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allows local attackers to crash the application by supplying an oversized input strin...

5.5 | MEDIUM | — | 0
CVE-2026-40159

PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI’s MCP (Model Context Protocol) integration allows spawning background servers via stdio using user-supplied command strings (e.g., ...

5.5 | MEDIUM | — | 0
CVE-2026-32217

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

5.5 | MEDIUM | — | 0
CVE-2026-35620

OpenClaw before 2026.3.24 contains missing authorization vulnerabilities in the /send and /allowlist chat command handlers. The /send command allows non-owner command-authorized senders to change owne...

5.4 | MEDIUM | — | 0
CVE-2025-14912

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system,...

5.4 | MEDIUM | — | 0
CVE-2026-33045

Home Assistant is open source home automation software that puts local control and privacy first. Starting in version 2025.02 and prior to version 2026.01 the "remaining charge time"-sensor for mobile...

5.4 | MEDIUM | — | 0
CVE-2026-33915

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, five insurance company REST API routes are missing the `RestConfig::r...

5.4 | MEDIUM | — | 0
CVE-2026-33742

Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Product notes fields in Invoice Ninja v5.13.0 allow raw HTML via Markdown rendering, enabling stor...

5.4 | MEDIUM | — | 0
CVE-2024-46879

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the POST request data zipPath of tiki-admin_system.php in Tiki version 21.2. This vulnerability allows attackers to execute arbitrary Jav...

5.4 | MEDIUM | — | 0
CVE-2026-6201

A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the component Delete Job Posting Handler. Such manipu...

5.4 | MEDIUM | — | 0
CVE-2026-4332

GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that, in customizable analytics dashboards, could have allowed ...

5.4 | MEDIUM | — | 0
CVE-2026-32562

Missing Authorization vulnerability in WP Folio Team PPWP password-protect-page allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PPWP: from n/a through <= 1.9...

5.4 | MEDIUM | — | 0
CVE-2026-32859

ByteDance Deer-Flow versions prior to commit 5dbb362 contain a stored cross-site scripting vulnerability in the artifacts API that allows attackers to execute arbitrary scripts by uploading malicious ...

5.4 | MEDIUM | — | 0
CVE-2026-1015

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system,...

5.4 | MEDIUM | — | 0
CVE-2026-2505

The Categories Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.3.1, via the 'z_taxonomy_image' shortcode. This is due to the shortcode rend...

5.4 | MEDIUM | — | 0
CVE-2026-25100

Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its image upload functionality. An authenticated attacker with content upload privileges (such as Author, Editor, or Administrator) can upl...

5.4 | MEDIUM | — | 0
CVE-2026-33406

Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, configuration values from the /api/config endpoin...

5.4 | MEDIUM | — | 0
CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or auth...

5.4 | MEDIUM | — | 0
CVE-2026-34362

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `verifyTokenSocket()` function in `plugin/YPTSocket/functions.php` has its token timeout validation commented ou...

5.4 | MEDIUM | — | 0
CVE-2025-15445

The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged opera...

5.4 | MEDIUM | — | 0
CVE-2026-3212

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Tagify allows Cross-Site Scripting (XSS). This issue affects Tagify: from 0.0.0 before 1.2.4...

5.4 | MEDIUM | — | 0
CVE-2026-29070

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an access control check is missing when deleting a file from a knowledge base...

5.4 | MEDIUM | — | 0
CVE-2026-35207

dde-control-center is the control panel of DDE, the Deepin Desktop Environment. plugin-deepinid is a plugin in dde-control-center, which provides the deepinid cloud service. Prior to 6.1.80, plugin-de...

5.4 | MEDIUM | — | 0
CVE-2025-70365

A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user c...

5.4 | MEDIUM | — | 0
CVE-2025-66485

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks agai...

5.4 | MEDIUM | — | 0
CVE-2026-3591

A use-after-return vulnerability exists in the `named` server when handling DNS queries signed with SIG(0). Using a specially-crafted DNS request, an attacker may be able to cause an ACL to improperly...

5.4 | MEDIUM | — | 0

This product uses data from the NVD API but is not endorsed or certified by the NVD.