CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-32126 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, an inverted boolean condition in ControllerRouter::route() causes the admin/s... | 7.1 | HIGH | β | 0 |
| CVE-2026-32125 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, track/item names from the Track Anything feature are stored from user input (... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-32124 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the dynamic code picker AJAX endpoint returns code descriptions (code_text) t... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-32123 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, sensitivity checks for group encounters are broken because the code only cons... | 7.7 | HIGH | β | 0 |
| CVE-2026-32122 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, the Claim File Tracker feature exposes an AJAX endpoint that returns billing ... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-32121 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, Stored XSS in prescription CSS/HTML print view via patient demographics. Tha... | 7.7 | HIGH | β | 0 |
| CVE-2026-32118 OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0.1, stored cross-site scripting (XSS) in the Graphical Pain Map ("clickmap") form... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-32112 ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form renders user-controlled parameters via Python f-strings with no HTML escaping. An attacker who can reach the OAuth ... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-32111 ha-mcp is a Home Assistant MCP Server. Prior to 7.0.0, the ha-mcp OAuth consent form (beta feature) accepts a user-supplied ha_url and makes a server-side HTTP request to {ha_url}/api/config with no U... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-32110 SiYuan is a personal knowledge management system. Prior to 3.6.0, the /api/network/forwardProxy endpoint allows authenticated users to make arbitrary HTTP requests from the server. The endpoint accept... | 8.3 | HIGH | β | 0 |
| CVE-2026-32109 Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html a... | 3.7 | LOW | β | 0 |
| CVE-2026-32108 Copyparty is a portable file server. Prior to 1.20.12, there was a missing permission-check in the shares feature (the shr global-option). This vulnerability only applies when the shares feature is us... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-32106 StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the REST API createUser endpoint uses string-based rank checks that only block creating owner acc... | 4.7 | MEDIUM | β | 0 |
| CVE-2026-32104 StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the updateUserNotifications endpoint accepts a user ID from the request payload and uses it to up... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-32103 StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.4.3, the POST /studiocms_api/dashboard/create-reset-link endpoint allows any authenticated user with a... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-32102 OliveTin gives access to predefined shell commands from a web interface. In 3000.10.2 and earlier, OliveTinβs live EventStream broadcasts execution events and action output to authenticated dashboard ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-32101 StudioCMS is a server-side-rendered, Astro native, headless content management system. Prior to 0.3.1, the S3 storage manager's isAuthorized() function is declared async (returns Promise<boolean>) but... | 7.6 | HIGH | β | 0 |
| CVE-2026-2640 During an internal security assessment, a potential vulnerability was discovered in Lenovo PC Manager that could allow a local authenticated user to terminate privileged processes. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-2368 An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to execute arbitrary code. | 7.1 | HIGH | β | 0 |
| CVE-2026-1717 An input validation vulnerability was reported in the LenovoProductivitySystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to terminate arbitrary process... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-1716 An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to delete arbitrary registry keys ... | 7.1 | HIGH | β | 0 |
| CVE-2026-1715 An input validation vulnerability was reported in the DeviceSettingsSystemAddin used in Lenovo Vantage and Lenovo Baiying that could allow a local authenticated user to modify arbitrary registry keys ... | 7.1 | HIGH | β | 0 |
| CVE-2026-1653 A potential divide by zero vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to cause a Windows blue screen error. | 5.5 | MEDIUM | β | 0 |
| CVE-2026-1652 A potential buffer overflow vulnerability was reported in the Lenovo Virtual Bus driver used in Smart Connect that could allow a local authenticated user to corrupt memory and cause a Windows blue scr... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-1068 An improper certificate validation vulnerability was reported in the Lenovo Filez application that could allow a user capable of intercepting network traffic to obtain sensitive user data from the app... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-0940 A potential improper initialization vulnerability was reported in the BIOS of some ThinkPads that could allow a local privileged user to modify data and execute arbitrary code. | 6.7 | MEDIUM | β | 0 |
| CVE-2026-0520 A potential vulnerability was reported in the Lenovo FileZ Android application that, under certain conditions, could allow a local authenticated user to retrieve some sensitive data stored in a log fi... | 2.8 | LOW | β | 0 |
| CVE-2025-70041 An issue pertaining to CWE-259: Use of Hard-coded Password was discovered in oslabs-beta ThermaKube master. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-70024 An issue pertaining to CWE-89: Improper Neutralization of Special Elements used in an SQL Command was discovered in benkeen generatedata 4.0.14. | 9.8 | CRITICAL | β | 0 |
| CVE-2025-66956 Insecure Access Control in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote attackers to access and execute attachments via a computable URL. | 9.9 | CRITICAL | β | 0 |
| CVE-2026-3954 A weakness has been identified in OpenBMB XAgent 1.0.0. Affected by this vulnerability is the function workspace of the file XAgentServer/application/routers/workspace.py. This manipulation of the arg... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-3951 A security flaw has been discovered in LockerProject Locker 0.0.0/0.0.1/0.1.0. Affected is the function authIsAwesome of the file source-code/Locker-master/Ops/registry.js of the component Error Respo... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-3950 A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to ou... | 3.3 | LOW | β | 0 |
| CVE-2026-32234 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.10 and 8.6.36, an attacker with access to the master key can inject malicio... | 4.7 | MEDIUM | β | 0 |
| CVE-2026-32098 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.6.0-alpha.9 and 8.6.35, an attacker can exploit LiveQuery subscriptions to infer the ... | 7.5 | HIGH | β | 0 |
| CVE-2026-32097 PingPong is a platform for using large language models (LLMs) for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorizati... | 8.8 | HIGH | β | 0 |
| CVE-2026-32096 Plunk is an open-source email platform built on top of AWS SES. Prior to 0.7.0, a Server-Side Request Forgery (SSRF) vulnerability existed in the SNS webhook handler. An unauthenticated attacker could... | 9.3 | CRITICAL | β | 0 |
| CVE-2026-32095 Plunk is an open-source email platform built on top of AWS SES. Prior to 0.7.1, Plunk's image upload endpoint accepted SVG files, which browsers treat as active documents capable of executing embedded... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-32094 Shescape is a simple shell escape library for JavaScript. Prior to 2.1.10, Shescape#escape() does not escape square-bracket glob syntax for Bash, BusyBox sh, and Dash. Applications that interpolate th... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-31979 Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Prior to 3.1.0 and 2.3.8, the himmelblaud-tasks daemon, running as root, writes Kerberos cache files under /tmp/krb5cc_... | 8.8 | HIGH | β | 0 |
| CVE-2026-31976 xygeni-action is the GitHub Action for Xygeni Scanner. On March 3, 2026, an attacker with access to compromised credentials created a series of pull requests (#46, #47, #48) injecting obfuscated shell... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-31974 OpenProject is an open-source, web-based project management software. Prior to 17.2.0, OpenProject SMTP test endpoint (POST /admin/settings/mail_notifications) accepts arbitrary host and port values a... | 3.0 | LOW | β | 0 |
| CVE-2026-31961 Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitatio... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-31960 Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 has unbounded reads of HTTP response bodies during the Apple notarization process. Exploitation... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-31959 Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains a Server-Side Request Forgery (SSRF) vulnerability when attempting to fetch the Apple ... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-31958 Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts in multipart/form-data is the max_body_size setting ... | 7.5 | HIGH | β | 0 |
| CVE-2026-31957 Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 3.0.0 to before 3.1.0, if Himmelblau is deployed without a configured tenant domain in himmelblau.conf, authentica... | 10.0 | CRITICAL | β | 0 |
| CVE-2026-31954 Emlog is an open source website building system. In 2.6.6 and earlier, the delete_async action (asynchronous delete) lacks a call to LoginAuth::checkToken(), enabling CSRF attacks. | 0.0 | NONE | β | 0 |
| CVE-2026-31901 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.34 and 9.6.0-alpha.8, the email verification endpoint (/verificationEmailRequest) r... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-31900 Black is the uncompromising Python code formatter. Black provides a GitHub action for formatting code. This action supports an option, use_pyproject: true, for reading the version of Black to use from... | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.