CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-22922 Apache Airflow versions 3.1.0 through 3.1.6 contain an authorization flaw that can allow an authenticated user with custom permissions limited to task access to view task logs without having task log ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-25846 In JetBrains YouTrack before 2025.3.119033 access tokens could be exposed in Mailbox logs | 6.5 | MEDIUM | β | 0 |
| CVE-2026-25847 In JetBrains PyCharm before 2025.3.2 a DOM-based XSS on Jupyter viewer page was possible | 8.2 | HIGH | β | 0 |
| CVE-2026-25848 In JetBrains Hub before 2025.3.119807 authentication bypass allowing administrative actions was possible | 9.1 | CRITICAL | β | 0 |
| CVE-2025-6830 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpoda TΓΌrkiye Information Technology Inc. Password Module allows SQL Injection.This issue affects ... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-7708 Insertion of Sensitive Information Into Sent Data vulnerability in Atlas Educational Software Industry Ltd. Co. K12net allows Communication Channel Manipulation.This issue affects k12net: through 0902... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-0632 The Fluent Forms Pro Add On Pack plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.12 via the 'saveDataSource' function. This makes it possibl... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-2246 A security vulnerability has been detected in AprilRobotics apriltag up to 3.4.5. Affected by this vulnerability is the function apriltag_detector_detect of the file apriltag.c. The manipulation leads... | 3.3 | LOW | β | 0 |
| CVE-2026-25528 LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. The LangSmith SDK's distributed tracing feature is vulnerable to Server-Side Request Forgery via malicious HTTP headers... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-25639 Axios is a promise based HTTP client for the browser and Node.js. Prior to versions 0.30.3 and 1.13.5, the mergeConfig function in axios crashes with a TypeError when processing configuration objects ... | 7.5 | HIGH | β | 0 |
| CVE-2026-25740 captive browser, a dedicated Chrome instance to log into captive portals without messing with DNS settings. In 25.05 and earlier, when programs.captive-browser is enabled, any user of the system can r... | N/A | NONE | β | 0 |
| CVE-2026-25806 PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the GET /api/students/:email PUT /api/students/:email/status, and DELETE /api/students/:email routes i... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-25809 PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the code evaluation endpoint does not validate the assessment lifecycle state before allowing executio... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-11547 AXIS Camera Station Pro contained a flaw toΒ perform a privilege escalation attack on the server as a non-admin user. | 7.8 | HIGH | β | 0 |
| CVE-2026-0845 The WCFM β Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege esca... | 7.2 | HIGH | β | 0 |
| CVE-2026-2258 A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to ... | 3.3 | LOW | β | 0 |
| CVE-2026-0484 Due to missing authorization check in SAP NetWeaver Application Server ABAP and SAP S/4HANA, an authenticated attacker could access a specific transaction code and modify the text data in the system. ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-0485 SAP BusinessObjects BI Platform allows an unauthenticated attacker to send specially crafted requests that could cause the Content Management Server (CMS) to crash and automatically restart. By repeat... | 7.5 | HIGH | β | 0 |
| CVE-2026-0486 In ABAP based SAP systems a remote enabled function module does not perform necessary authorization checks for an authenticated user resulting in disclosure of system information.This has low impact o... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-23689 Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function... | 7.7 | HIGH | β | 0 |
| CVE-2026-24312 An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensiti... | 5.2 | MEDIUM | β | 0 |
| CVE-2026-24319 In SAP Business One, sensitive information is written to the applicationοΏ½s memory dump files without obfuscation. Gaining access to this information could potentially lead to unauthorized operations w... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-24320 Due to improper memory management in SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker could exploit logical errors in memory management by supplying specially craft... | 3.1 | LOW | β | 0 |
| CVE-2026-24321 SAP Commerce Cloud exposes multiple API endpoints to unauthenticated users, allowing them to submit requests to these open endpoints to retrieve sensitive information that is not intended to be public... | 5.3 | MEDIUM | β | 0 |
| CVE-2025-12757 An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to. | 4.6 | MEDIUM | β | 0 |
| CVE-2025-13064 A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script which is executed by the server. This attack is only possible if the admin uses a... | 4.5 | MEDIUM | β | 0 |
| CVE-2026-0996 The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AI Form Builder module in all versions up to, and including, 6.1.14 due to a combination of missing authoriza... | 6.4 | MEDIUM | β | 0 |
| CVE-2025-12063 An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the appropriate permissions. | 5.7 | MEDIUM | β | 0 |
| CVE-2026-2093 Docpedia developed by Flowring has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. | 7.5 | HIGH | β | 0 |
| CVE-2026-2094 Docpedia developed by Flowring has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. | 8.8 | HIGH | β | 0 |
| CVE-2026-2095 Agentflow developed by Flowring has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to exploit a specific functionality to obtain arbitrary user authentication token ... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2096 Agentflow developed by Flowring has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to read, modify, and delete database contents by using a specific functionality. | 9.8 | CRITICAL | β | 0 |
| CVE-2024-36310 Improper input validation in the SMM communications buffer could allow a privileged attacker to perform an out of bounds read or write to SMRAM potentially resulting in loss of confidentiality or inte... | N/A | NONE | β | 0 |
| CVE-2026-23719 A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected application is vulnerable to heap-based buffer overflow while pars... | 7.8 | HIGH | β | 0 |
| CVE-2026-23720 A vulnerability has been identified in Simcenter Femap (All versions < V2512), Simcenter Nastran (All versions < V2512). The affected applications contains an out of bounds read vulnerability while pa... | 7.8 | HIGH | β | 0 |
| CVE-2026-23901 Observable Timing Discrepancy vulnerability in Apache Shiro. This issue affects Apache Shiro: from 1.*, 2.* before 2.0.7. Users are recommended to upgrade to version 2.0.7 or later, which fixes the ... | 2.5 | LOW | β | 0 |
| CVE-2026-23906 Affected Products and Versions * Apache Druid * Affected Versions: 0.17.0 through 35.x (all versions prior to 36.0.0) * Prerequisites: * druid-basic-security extension enabled * LDAP aut... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-24343 Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in Apache HertzBeat. This issue affects Apache HertzBeat: from 1.7.1 before 1.8.0. Users are recommended to... | 8.8 | HIGH | β | 0 |
| CVE-2026-25655 A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP2). The affected application permits improper modification of a configuration file by a low-privileged user. This could allow a... | 7.8 | HIGH | β | 0 |
| CVE-2024-36355 Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execu... | N/A | NONE | β | 0 |
| CVE-2026-1602 SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-1774 CASL Ability, versions 2.4.0 through 6.7.4, contains a prototype pollution vulnerability. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-21743 A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions ... | 7.2 | HIGH | β | 0 |
| CVE-2026-22153 An Authentication Bypass by Primary Weakness vulnerability [CWE-305] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4 may allow an unauthenticated attacker to bypass LDAP authentication of Agentl... | 8.1 | HIGH | β | 0 |
| CVE-2025-20070 Improper conditions check for the Intel(R) Optane(TM) PMem management software before versions CR_MGMT_02.00.00.4052, CR_MGMT_03.00.00.0538 within Ring 3: User Applications may allow an escalation of ... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-20080 Null pointer dereference in the firmware for some Intel(R) AMT and Intel(R) Standard Manageability within Ring 0: Kernel may allow a denial of service. Network adversary with an unauthenticated user c... | 6.8 | MEDIUM | β | 0 |
| CVE-2025-20106 Uncontrolled search path in some software installer for some VTune(TM) Profiler software and Intel(R) oneAPI Base Toolkits before version 2025.0. within Ring 3: User Applications may allow an escalati... | 6.7 | MEDIUM | β | 0 |
| CVE-2025-0012 Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in ... | N/A | NONE | β | 0 |
| CVE-2025-32008 Out-of-bounds write in the firmware for the Intel(R) AMT and Intel(R) Standard Manageability within Ring 3: User Applications may allow a denial of service. Network adversary with an unauthenticated u... | 8.6 | HIGH | β | 0 |
| CVE-2025-32452 Uncontrolled search path for some AI Playground before version 2.6.1 beta within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated u... | 6.7 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.