CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-3449 Versions of the package @tootallnate/once before 3.0.1 are vulnerable to Incorrect Control Flow Scoping in promise resolving when AbortSignal option is used. The Promise remains in a permanently pendi... | 3.3 | LOW | β | 0 |
| CVE-2026-1492 The User Registration & Membership β Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to improper privilege... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-20801 Cleartext Transmission of Sensitive Information (CWE-319) inΒ a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrationsΒ allows unprivileged users with local network access t... | 5.6 | MEDIUM | β | 0 |
| CVE-2026-20757 Improper LockingΒ vulnerability (CWE-667) inΒ Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command C... | 2.5 | LOW | β | 0 |
| CVE-2025-47147 Cleartext Storage of Sensitive Information (CWE-312) in the Command Centre Mobile Client on Android and iOS could allow an attacker with access to a logged-in Operator's mobile device to extract the s... | 5.7 | MEDIUM | β | 0 |
| CVE-2026-2628 The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.2.5. This makes it possible for unauthe... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2448 The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.33.5 via the locate_template() function. This makes it possible for au... | 8.8 | HIGH | β | 0 |
| CVE-2026-2269 The Uncanny Automator β Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3... | 7.2 | HIGH | β | 0 |
| CVE-2026-1487 The LatePoint β Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to SQL Injection via the JSON Import in all versions up to, and including, 5.2.7 due to insuffici... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-0754 An embedded test key and certificate could be extracted from a Poly Voice device using specialized reverse engineering tools. This extracted certificate could be accepted by a SIP service provider if ... | N/A | NONE | β | 0 |
| CVE-2026-1566 The LatePoint β Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 5.2.7. This is d... | 8.8 | HIGH | β | 0 |
| CVE-2026-1336 The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on the store_data() and get... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-2583 The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the `blocksy_meta` metadata fields in all versions up to, and including, 2.1.30 due to insufficient input sanitization ... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-3338 Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of A... | 7.5 | HIGH | β | 0 |
| CVE-2026-3337 Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations ... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-3336 Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the fina... | 7.5 | HIGH | β | 0 |
| CVE-2026-2256 A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived inp... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27631 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an uncaught exception was found in Exiv2. The vulne... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-27596 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found in Exiv2. The vulne... | 7.5 | HIGH | β | 0 |
| CVE-2026-26713 code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/cancel-order.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26712 code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/view-ticket-admin.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-25884 Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability ... | 8.1 | HIGH | β | 0 |
| CVE-2026-25477 AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.26.0, there is an Open Redirect vulnerability located at the /redirect-proxy endpoint. The flaw exists in the... | N/A | NONE | β | 0 |
| CVE-2026-21882 theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.2.0, improper privilege dropping allows local privilege escalation via comm... | 8.4 | HIGH | β | 0 |
| CVE-2026-26711 code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/view-ticket.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26710 code-projects Simple Food Order System v1.0 is vulnerable to SQL Injection in /food/routers/edit-orders.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-26709 code-projects Simple Gym Management System v1.0 is vulnerable to SQL Injection in /gym/trainer_search.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21853 AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedd... | 8.8 | HIGH | β | 0 |
| CVE-2026-0047 In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege... | 8.4 | HIGH | β | 0 |
| CVE-2026-0038 In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional executio... | 8.4 | HIGH | β | 0 |
| CVE-2026-0037 In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed.... | 8.4 | HIGH | β | 0 |
| CVE-2026-0035 In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of priv... | 8.4 | HIGH | β | 0 |
| CVE-2026-0034 In setPackageOrComponentEnabled of ManagedServices.java, there is a possible notification policy desync due to improper input validation. This could lead to local escalation of privilege with no addit... | 8.4 | HIGH | β | 0 |
| CVE-2026-0032 In multiple functions of mem_protect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileg... | 7.8 | HIGH | β | 0 |
| CVE-2026-0031 In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges nee... | 8.4 | HIGH | β | 0 |
| CVE-2026-0030 In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional executi... | 8.4 | HIGH | β | 0 |
| CVE-2026-0029 In __pkvm_init_vm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. Us... | 8.4 | HIGH | β | 0 |
| CVE-2026-0028 In __pkvm_host_share_guest of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privilege... | 8.4 | HIGH | β | 0 |
| CVE-2026-0027 In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User int... | 6.7 | MEDIUM | β | 0 |
| CVE-2026-0026 In removePermission of PermissionManagerServiceImpl.java, there is a possible way to override any system permission due to a logic error in the code. This could lead to local escalation of privilege ... | 7.8 | HIGH | β | 0 |
| CVE-2026-0025 In hasImage of Notification.java, there is a possible way to reveal information across users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution ... | 8.4 | HIGH | β | 0 |
| CVE-2026-0024 In isRedactionNeededForOpenViaContentResolver of MediaProvider.java, there is a possible way to reveal the location of media due to a missing permission check. This could lead to local information dis... | 4.0 | MEDIUM | β | 0 |
| CVE-2026-0023 In createSessionInternal of PackageInstallerService.java, there is a possible way for an app to update its ownership due to a missing permission check. This could lead to local escalation of privilege... | 7.8 | HIGH | β | 0 |
| CVE-2026-0021 In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additio... | 8.4 | HIGH | β | 0 |
| CVE-2026-0020 In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a permissions bypass. This could lead to local escalation of priv... | 8.4 | HIGH | β | 0 |
| CVE-2026-0017 In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional executi... | 7.7 | HIGH | β | 0 |
| CVE-2026-0015 In multiple locations of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution ... | 6.2 | MEDIUM | β | 0 |
| CVE-2026-0014 In isPackageNullOrSystem of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional executi... | 6.2 | MEDIUM | β | 0 |
| CVE-2026-0013 In setupLayout of PickActivity.java, there is a possible way to start any activity as a DocumentsUI app due to a confused deputy. This could lead to local escalation of privilege with no additional ex... | 8.4 | HIGH | β | 0 |
| CVE-2026-0012 In setHideSensitive of ExpandableNotificationRow.java, there is a possible contact name leak due due to a logic error in the code. This could lead to local information disclosure with no additional ex... | 6.2 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.