CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2025-70028 An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. | 7.5 | HIGH | β | 0 |
| CVE-2026-4366 A flaw was identified in Keycloak, an identity and access management solution, where it improperly follows HTTP redirects when processing certain client configuration requests. This behavior allows an... | 5.8 | MEDIUM | β | 0 |
| CVE-2026-23659 Exposure of sensitive information to an unauthorized actor in Azure Data Factory allows an unauthorized attacker to disclose information over a network. | 8.6 | HIGH | β | 0 |
| CVE-2026-33368 Zimbra Collaboration Suite (ZCS) 10.0 and 10.1 contains a reflected cross-site scripting (XSS) vulnerability in the Classic Webmail REST interface (/h/rest). The application fails to properly sanitize... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-33370 An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A stored cross-site scripting (XSS) vulnerability exists in the Zimbra Briefcase feature due to insufficient sanitization of specif... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-33371 An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. An XML External Entity (XXE) vulnerability exists in the Zimbra Exchange Web Services (EWS) SOAP interface due to improper handling... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-21671 A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. | 9.1 | CRITICAL | β | 0 |
| CVE-2026-33581 OpenClaw before 2026.3.24 contains a sandbox bypass vulnerability in the message tool that allows attackers to read arbitrary local files by using mediaUrl and fileUrl alias parameters that bypass loc... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-34504 OpenClaw before 2026.3.28 contains a server-side request forgery vulnerability in the fal provider image-generation-provider.ts component that allows attackers to fetch internal URLs. A malicious or c... | 8.3 | HIGH | β | 0 |
| CVE-2026-5190 Out-of-bounds write in the streaming decoder component in aws-c-event-stream before 0.6.0 might allow a third party operating a server to cause memory corruption leading to arbitrary code execution on... | 7.5 | HIGH | β | 0 |
| CVE-2026-34218 ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single ... | 5.5 | MEDIUM | β | 0 |
| CVE-2026-34243 wenxian is a tool to generate BIBTEX files from given identifiers (DOI, PMID, arXiv ID, or paper title). In versions 0.3.1 and prior, a GitHub Actions workflow uses untrusted user input from issue_com... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-5206 A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argument... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3356 The MS27102A Remote Spectrum Monitor is vulnerable to an authentication bypass that allows unauthorized users to access and manipulate its management interface. Because the device provides no mechanis... | N/A | NONE | β | 0 |
| CVE-2026-32921 OpenClaw before 2026.3.8 contains an approval bypass vulnerability in system.run where mutable script operands are not bound across approval and execution phases. Attackers can obtain approval for scr... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-33470 Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. In version 0.17.0, a low-privilege authenticated user restricted to one camera can access snapshots from ... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-12462 A Blind SQL injection vulnerability has been identified in DobryCMS. Β A remote unauthenticated attacker is able to inject SQL syntax into URL path in multiple parameters resulting in Blind SQL Injecti... | N/A | NONE | β | 0 |
| CVE-2026-26070 EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to `std::map<std::optional>` concurrent access (container/optional corruption possible). The trigger is a... | 4.6 | MEDIUM | β | 0 |
| CVE-2026-26071 EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to `std::string` concurrent access. with heap-use-after-free possible. This is triggered by EVCCID update... | 4.2 | MEDIUM | β | 0 |
| CVE-2026-26072 EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to `std::map<std::optional>` concurrent access (container/optional corruption possible). The trigger is E... | 4.2 | MEDIUM | β | 0 |
| CVE-2026-33402 Sakai is a Collaboration and Learning Environment (CLE). In versions 23.0 through 23.4 and 25.0 through 25.1, group titles and description can contain cross-site scripting scripts. The patch is includ... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-34881 OpenStack Glance before 29.1.1, 30.x before 30.1.1, and 31.0.0 is affected by Server-Side Request Forgery (SSRF). By use of HTTP redirects, an authenticated user can bypass URL validation checks and r... | 5.0 | MEDIUM | β | 0 |
| CVE-2026-33663 n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with the `global:member` role could exploit chained authorization flaws in n8n... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-33622 PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.8.3` through `v0.8.5` allow arbitrary JavaScript execution through `POST /wait` and `POST /... | 8.8 | HIGH | β | 0 |
| CVE-2026-33867 WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo allows content owners to password-protect individual videos. The video password is stored in the database in ... | 7.5 | HIGH | β | 0 |
| CVE-2026-4818 In Search Guard FLX versions from 3.0.0 up to 4.0.1, there exists an issue which allows users without the necessary privileges to execute some management operations against data streams. | 6.8 | MEDIUM | β | 0 |
| CVE-2026-34573 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 and 9.7.0-alpha.12, the GraphQL query complexity validator can be explo... | 7.5 | HIGH | β | 0 |
| CVE-2026-5203 A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function _copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGu... | 4.7 | MEDIUM | β | 0 |
| CVE-2025-15605 A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated att... | 7.3 | HIGH | β | 0 |
| CVE-2025-15606 A Denial-of-Service (DoS) vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the htt... | 7.5 | HIGH | β | 0 |
| CVE-2026-30587 Multiple Stored XSS vulnerabilities exist in Seafile Server version 13.0.15,13.0.16-pro,12.0.14 and prior and fixed in 13.0.17, 13.0.17-pro, and 12.0.20-pro, via the Seadoc (sdoc) editor. The applicat... | 8.7 | HIGH | β | 0 |
| CVE-2026-33375 The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restrictions and trigger a catastrophic Out-Of-Memory (OOM) memory exhaustion, crash... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-30575 A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, a... | 7.5 | HIGH | β | 0 |
| CVE-2026-4346 The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the deviceβs flash memory while the serial interface remains enabled and protec... | 6.8 | MEDIUM | β | 0 |
| CVE-2026-27650 OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32669 Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32678 Authentication bypass issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to alter critical configuration settings without authentication. | N/A | NONE | β | 0 |
| CVE-2026-33280 Hidden functionality issue exists in BUFFALO Wi-Fi router products, which may allow an attacker to gain access to the productβs debugging functionality, resulting in the execution of arbitrary OS comm... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-33366 Missing authentication for critical function vulnerability in BUFFALO Wi-Fi router products may allow an attacker to forcibly reboot the product without authentication. | N/A | NONE | β | 0 |
| CVE-2026-27877 When using public dashboards and direct data-sources, all direct data-sources' passwords are exposed despite not being used in dashboards. No passwords of proxied data-sources are exposed. We encoura... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27879 A resample query can be used to trigger out-of-memory crashes in Grafana. | 6.5 | MEDIUM | β | 0 |
| CVE-2026-27880 The OpenFeature feature toggle evaluation endpoint reads unbounded values into memory, which can cause out-of-memory crashes. | 7.5 | HIGH | β | 0 |
| CVE-2026-33764 WWBN AVideo is an open source video platform. In versions up to and including 26.0, the AI plugin's `save.json.php` endpoint loads AI response objects using an attacker-controlled `$_REQUEST['id']` pa... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-33939 Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, when a Handlebars template contains decorator syntax referencing an unregistered decorat... | 7.5 | HIGH | β | 0 |
| CVE-2026-33954 LinkAce is a self-hosted archive to collect website links. In versions prior to 2.5.3, a private note attached to a non-private link can be disclosed to a different authenticated user via the web inte... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-33976 Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop and 3.3.17 on Android/iOS, a stored XSS in the Web Clipper rendering flow can be escalated to remote code execution in the deskto... | 9.6 | CRITICAL | β | 0 |
| CVE-2026-33979 Express XSS Sanitizer is Express 4.x and 5.x middleware which sanitizes user input data (in req.body, req.query, req.headers and req.params) to prevent Cross Site Scripting (XSS) attack. A vulnerabili... | 8.2 | HIGH | β | 0 |
| CVE-2026-32914 OpenClaw before 2026.3.12 contains an insufficient access control vulnerability in the /config and /debug command handlers that allows command-authorized non-owners to access owner-only surfaces. Atta... | 8.8 | HIGH | β | 0 |
| CVE-2026-32915 OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability allowing leaf subagents to access the subagents control surface and resolve against parent requester scope instead of their o... | 8.8 | HIGH | β | 0 |
| CVE-2026-32918 OpenClaw before 2026.3.11 contains a session sandbox escape vulnerability in the session_status tool that allows sandboxed subagents to access parent or sibling session state. Attackers can supply arb... | 8.4 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.