CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-31898 jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of arguments of the `createAnnotation` method allows users to inject arbitrary PDF objects, such as JavaScript a... | 8.1 | HIGH | β | 0 |
| CVE-2026-31938 jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.2.1, user control of the `options` argument of the `output` function allows attackers to inject arbitrary HTML (such as scripts) i... | 9.6 | CRITICAL | β | 0 |
| CVE-2026-32254 Kube-router is a turnkey solution for Kubernetes networking. Prior to version 2.8.0, Kube-router's proxy module does not validate externalIPs or loadBalancer IPs before programming them into the node'... | 7.1 | HIGH | β | 0 |
| CVE-2026-32256 music-metadata is a metadata parser for audio and video media files. Prior to version 11.12.3, music-metadata's ASF parser (`parseExtensionObject()` in `lib/asf/AsfParser.ts:112-158`) enters an infini... | 7.5 | HIGH | β | 0 |
| CVE-2026-32265 The Amazon S3 for Craft CMS plugin provides an Amazon S3 integration for Craft CMS. In versions 2.0.2 through 2.2.4, unauthenticated users can view a list of buckets the plugin has access to. The `Buc... | N/A | NONE | β | 0 |
| CVE-2026-32268 The Azure Blob Storage for Craft CMS plugin provides an Azure Blob Storage integration for Craft CMS. In versions on the 2.x branch prior to 2.1.1, unauthenticated users can view a list of buckets the... | N/A | NONE | β | 0 |
| CVE-2026-32596 Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.2, Glances web server runs without authentication by default when started with `glances -w`, exposing REST API with sensit... | 7.5 | HIGH | β | 0 |
| CVE-2026-32606 IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physic... | 7.6 | HIGH | β | 0 |
| CVE-2025-15363 The Get Use APIs WordPress plugin before 2.0.10 executes imported JSON, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks under certain server configur... | 5.9 | MEDIUM | β | 0 |
| CVE-2026-32608 Glances is an open-source system cross-platform monitoring tool. The Glances action system allows administrators to configure shell commands that execute when monitoring thresholds are exceeded. These... | 7.0 | HIGH | β | 0 |
| CVE-2026-3512 The Writeprint Stylometry plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'p' GET parameter in all versions up to and including 0.1. This is due to insufficient input sani... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-22320 A stack-based buffer overflow in the CLI's TFTP file-transfer command handling allows a low-privileged attacker with Telnet/SSH access to trigger memory corruption by supplying unexpected or oversized... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-22321 A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when an unauthenticated attacker sends an oversized or unexpected username input. An overflow condition crashes the thre... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-22322 A stored cross-site scripting (XSS) vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to create a trunk entry containing malicious HTML/JavaScript... | 7.1 | HIGH | β | 0 |
| CVE-2026-22323 A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by lur... | 7.1 | HIGH | β | 0 |
| CVE-2026-1217 The Yoast Duplicate Post plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clone_bulk_action_handler() and republish_request() functions ... | 5.4 | MEDIUM | β | 0 |
| CVE-2025-12518 beefree.io SDK is vulnerable to Stored XSS in Social Media icon URL parameter in email builder functionality. Malicious attacker can inject arbitrary HTML and JS into template, which will be rendered/... | N/A | NONE | β | 0 |
| CVE-2025-71265 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata We found an infinite loop bug in the ntfs3 file syst... | N/A | NONE | β | 0 |
| CVE-2025-71266 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop We found an infinite loop bug in the ntfs3 file system that can ... | N/A | NONE | β | 0 |
| CVE-2025-71267 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infinite loop bug in the ntfs3 file system that can lea... | N/A | NONE | β | 0 |
| CVE-2026-32691 A race condition in the secrets management subsystem of Juju versions 3.0.0 through 3.6.18 allows an authenticated unit agent to claim ownership of a newly initialized secret. Between generating a Juj... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-23244 In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvme_pr_read_keys() nvme_pr_read_keys() takes num_keys from userspace and uses it to calculate the ... | N/A | NONE | β | 0 |
| CVE-2026-23247 In the Linux kernel, the following vulnerability has been resolved: tcp: secure_seq: add back ports to TS offset This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") tc... | N/A | NONE | β | 0 |
| CVE-2026-23243 In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header... | 7.8 | HIGH | β | 0 |
| CVE-2026-32692 An authorization bypass vulnerability in the Vault secrets back-end implementation of Juju versions 3.1.6 through 3.6.18 allows an authenticated unit agent to perform unauthorized updates to secret re... | 7.6 | HIGH | β | 0 |
| CVE-2026-32693 In Juju from version 3.0.0 through 3.6.18, the authorization of the "secret-set" tool is not performed correctly, which allows a grantee to update the secret content, and can lead to reading or updati... | 8.8 | HIGH | β | 0 |
| CVE-2026-32694 In Juju from version 3.0.0 through 3.6.18, when a secret owner grants permissions to a secret to a grantee, the secret owner relies exclusively on a predictable XID of the secret to verify ownership. ... | 6.6 | MEDIUM | β | 0 |
| CVE-2026-3278 Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ ZENworks Service Desk allows Cross-Site Scripting (XSS). The vulnerability could allow a... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-32609 Glances is an open-source system cross-platform monitoring tool. The GHSA-gh4x fix (commit 5d3de60) addressed unauthenticated configuration secrets exposure on the `/api/v4/config` endpoints by introd... | 7.5 | HIGH | β | 0 |
| CVE-2026-25449 Deserialization of Untrusted Data vulnerability in shinetheme Traveler traveler allows Object Injection. This issue affects Traveler: from n/a through < 3.2.8.1. | N/A | NONE | β | 0 |
| CVE-2026-24063 When a plugin is installed using the Arturia Software Center (MacOS), it also installs an uninstall.sh bash script in a root owned path. This script is written to disk with the file permissions 777, m... | 8.2 | HIGH | β | 0 |
| CVE-2026-2512 The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field meta values in all versions up to, and including, 2.5.1. This is due to the plugin's sanitization func... | 6.4 | MEDIUM | β | 0 |
| CVE-2026-2559 The Post SMTP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `handle_office365_oauth_redirect()` function in all versions up to, and i... | 5.3 | MEDIUM | β | 0 |
| CVE-2026-2991 The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 4.1.2. This is due to the `patientSocialLogin(... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-2992 The KiviCare – Clinic & Patient Management System (EHR) plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization on the `/wp-json/kivicare/v1/setup-wizard/clinic` REST A... | 8.2 | HIGH | β | 0 |
| CVE-2026-3090 The Post SMTP – Complete Email Deliverability and SMTP Solution with Email Logs, Alerts, Backup SMTP & Mobile App plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'event_type'... | 7.2 | HIGH | β | 0 |
| CVE-2026-1463 The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.3 via the 'template' parameter in... | 8.8 | HIGH | β | 0 |
| CVE-2026-30345 A zip slip vulnerability in the Admin import functionality of CTFd v3.8.1-18-gdb5a18c4 allows attackers to write arbitrary files outside the intended directories via supplying a crafted import. | 7.5 | HIGH | β | 0 |
| CVE-2026-30695 A Cross-Site Scripting (XSS) vulnerability exists in the web-based configuration interface of Zucchetti Axess access control devices, including XA4, X3/X3BIO, X4, X7, and XIO / i-door / i-door+. The v... | 6.1 | MEDIUM | β | 0 |
| CVE-2025-71268 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent If we fail to allocate a path or join a transaction, ... | N/A | NONE | β | 0 |
| CVE-2025-71269 In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC If we fail to create an inline extent due to -ENOSPC, w... | N/A | NONE | β | 0 |
| CVE-2025-71270 In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory ac... | N/A | NONE | β | 0 |
| CVE-2026-23249 In the Linux kernel, the following vulnerability has been resolved: xfs: check for deleted cursors when revalidating two btrees The free space and inode btree repair functions will rebuild both btre... | N/A | NONE | β | 0 |
| CVE-2026-23250 In the Linux kernel, the following vulnerability has been resolved: xfs: check return value of xchk_scrub_create_subord Fix this function to return NULL instead of a mangled ENOMEM, then fix the cal... | N/A | NONE | β | 0 |
| CVE-2026-23251 In the Linux kernel, the following vulnerability has been resolved: xfs: only call xf{array,blob}_destroy if we have a valid pointer Only call the xfarray and xfblob destructor if we have a valid po... | N/A | NONE | β | 0 |
| CVE-2026-23254 In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the `encapsulation... | N/A | NONE | β | 0 |
| CVE-2026-23255 In the Linux kernel, the following vulnerability has been resolved: net: add proper RCU protection to /proc/net/ptype Yin Fengwei reported an RCU stall in ptype_seq_show() and provided a patch. Rea... | N/A | NONE | β | 0 |
| CVE-2026-23256 In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the... | N/A | NONE | β | 0 |
| CVE-2026-23257 In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setup_nic_devices() cleanup In setup_nic_devices(), the initialization loop jumps to the... | N/A | NONE | β | 0 |
| CVE-2026-23258 In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setup_nic_devices(), the netdev is allocated using alloc_etherdev_m... | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.