CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-32587 Missing Authorization vulnerability in Saad Iqbal WP EasyPay allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP EasyPay: from n/a through 4.2.11. | 5.4 | MEDIUM | β | 0 |
| CVE-2026-4250 A vulnerability was found in Albert SaΔlΔ±k Hizmetleri ve Ticaret Albert Health up to 1.7.3 on Android. Affected is an unknown function of the file resources/assets/service-account.json of the componen... | 2.5 | LOW | β | 0 |
| CVE-2026-4224 When an Expat parser with a registered ElementDeclHandler parses an inline document type definition containing a deeply nested content model a C stack overflow occurs. | N/A | NONE | β | 0 |
| CVE-2026-4269 A missing S3 ownership verification in the Bedrock AgentCore Starter Toolkit before version v0.1.13 may allow a remote actor to inject code during the build process, leading to code execution in the A... | 7.5 | HIGH | β | 0 |
| CVE-2025-69196 FastMCP is the standard framework for building MCP applications. Prior to version 2.14.2, the server does not properly respect the resource parameter submitted by the client in the authorization and t... | 6.5 | MEDIUM | β | 0 |
| CVE-2025-69727 An Incorrect Access Control vulnerability exists in INDEX-EDUCATION PRONOTE prior to 2025.2.8. The affected components (index.js and composeUrlImgPhotoIndividu) allow the construction of direct URLs t... | 5.3 | MEDIUM | β | 0 |
| CVE-2025-69808 An out-of-bounds memory access (OOB) in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to access sensitive information and cause a Denial of Service (DoS) via supplying a crafted packet. | 9.1 | CRITICAL | β | 0 |
| CVE-2025-69809 A write-what-where condition in p2r3 Bareiron commit 8e4d40 allows unauthenticated attackers to write arbitrary values to memory, enabling arbitrary code execution via a crafted packet. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-32261 Webhooks for Craft CMS plugin adds the ability to manage βwebhooksβ in Craft CMS, which will send GET or POST requests when certain events occur. From version 3.0.0 to before version 3.2.0, the Webhoo... | N/A | NONE | β | 0 |
| CVE-2025-68971 In Forgejo through 13.0.3, the attachment component allows a denial of service by uploading a multi-gigabyte file attachment (e.g., to be associated with an issue or a release). | 6.5 | MEDIUM | β | 0 |
| CVE-2025-69693 Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c). The quantization parameter (qp) validation at line 2267 only checks the lower bound (qp < 0) but is missing upper ... | 5.4 | MEDIUM | β | 0 |
| CVE-2026-26304 Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2 fail to verify run_create permission for empty playbookId, which allows team members to create unauthorized runs via the playbook run API. Matter... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-28430 Chamilo LMS is a learning management system. Prior to version 1.11.34, there is an unauthenticated SQL injection vulnerability which allows remote attackers to execute arbitrary SQL commands via the c... | 9.8 | CRITICAL | β | 0 |
| CVE-2026-29516 Buffalo TeraStation NAS TS5400R firmware version 4.02-0.06 and prior contain an excessive file permissions vulnerability that allows authenticated attackers to read the /etc/shadow file by uploading a... | 4.9 | MEDIUM | β | 0 |
| CVE-2026-30875 Chamilo LMS is a learning management system. Prior to version 1.11.36, an arbitrary file upload vulnerability in the H5P Import feature allows authenticated users with Teacher role to achieve Remote C... | 8.8 | HIGH | β | 0 |
| CVE-2026-30876 Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invalid username. This issue has been patched in version 1.11.36. | 5.3 | MEDIUM | β | 0 |
| CVE-2026-30881 Chamilo LMS is a learning management system. Version 1.11.34 and prior contains a SQL Injection vulnerability in the statistics AJAX endpoint. The parameters date_start and date_end from $_REQUEST are... | 8.8 | HIGH | β | 0 |
| CVE-2026-30882 Chamilo LMS is a learning management system. Chamilo LMS version 1.11.34 and prior contains a Reflected Cross-Site Scripting (XSS) vulnerability in the session category listing page. The keyword param... | 6.1 | MEDIUM | β | 0 |
| CVE-2026-32262 Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, the AssetsController->replaceFile() method has a ta... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-32263 Craft CMS is a content management system (CMS). From version 5.6.0 to before version 5.9.11, in src/controllers/EntryTypesController.php, the $settings array from parse_str is passed directly to Craft... | 7.2 | HIGH | β | 0 |
| CVE-2026-4289 A security vulnerability has been detected in Tiandy Easy7 Integrated Management Platform up to 7.17.0. This affects an unknown function of the file /rest/preSetTemplate/getRecByTemplateId. The manipu... | 7.3 | HIGH | β | 0 |
| CVE-2026-32264 Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.5 and from version 5.0.0-RC1 to before version 5.9.11, there is a Behavior injection RCE vulnerability in ... | 7.2 | HIGH | β | 0 |
| CVE-2026-32267 Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.6 and from version 5.0.0-RC1 to before version 5.9.12, a low-privilege user (or an unauthenticated user wh... | 9.8 | CRITICAL | β | 0 |
| CVE-2025-50881 The `flow/admin/moniteur.php` script in Use It Flow administration website before 10.0.0 is vulnerable to Remote Code Execution. When handling GET requests, the script takes user-supplied input from t... | 8.8 | HIGH | β | 0 |
| CVE-2025-69902 A command injection vulnerability in the minimal_wrapper.py component of kubectl-mcp-server v1.2.0 allows attackers to execute arbitrary commands via injecting arbitrary shell metacharacters. | 9.8 | CRITICAL | β | 0 |
| CVE-2026-1629 Mattermost versions 10.11.x <= 10.11.10 Fail to invalidate cached permalink preview data when a user loses channel access which allows the user to continue viewing private channel content via previous... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-26230 Mattermost versions 10.11.x <= 10.11.10 fail to properly validate permission requirements in the team member roles API endpoint which allows team administrators to demote members to guest role. Matter... | 3.8 | LOW | β | 0 |
| CVE-2026-29522 ZwickRoell Test Data Management versions prior toΒ 3.0.8 contain a local file inclusion (LFI) vulnerability in the /server/node_upgrade_srv.js endpoint. An unauthenticated attacker can supply directory... | N/A | NONE | β | 0 |
| CVE-2025-71239 In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2() to change attributes class fchmodat2(), introduced in version 6.6 is currently not in the change attribute ... | N/A | NONE | β | 0 |
| CVE-2026-23241 In the Linux kernel, the following vulnerability has been resolved: audit: add missing syscalls to read class The "at" variant of getxattr() and listxattr() are missing from the audit read class. Ca... | N/A | NONE | β | 0 |
| CVE-2026-3632 A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be ... | 3.9 | LOW | β | 0 |
| CVE-2026-3633 A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability... | 3.9 | LOW | β | 0 |
| CVE-2026-3634 A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `sou... | 3.9 | LOW | β | 0 |
| CVE-2026-26929 Apache Airflow versions 3.0.0 through 3.1.7Β FastAPI DagVersion listing API does not apply per-DAG authorization filtering when the request is made with dag_id set to "~" (wildcard for all DAGs). As a ... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-28563 Apache Airflow versions 3.1.0 through 3.1.7 /ui/dependencies endpoint returns the full DAG dependency graph without filtering by authorized DAG IDs. This allows an authenticated user with only DAG Dep... | 4.3 | MEDIUM | β | 0 |
| CVE-2026-28779 Apache Airflow versions 3.1.0 through 3.1.7Β session token (_token) in cookies is set to path=/ regardless of the configured [webserver] base_url or [api] base_url. This allows any application co-hoste... | 7.5 | HIGH | β | 0 |
| CVE-2026-30911 Apache Airflow versions 3.1.0 through 3.1.7 missing authorization vulnerability in the Execution API's Human-in-the-Loop (HITL) endpoints that allows any authenticated task instance to read, approve, ... | 8.1 | HIGH | β | 0 |
| CVE-2025-31966 HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these are not enforced by the web server. An attacker can bypass these restriction... | 2.7 | LOW | β | 0 |
| CVE-2026-4271 A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by send... | 5.3 | MEDIUM | β | 0 |
| CVE-2025-62320 HTML Injection can be carried out in Product when a web application does not properly check or clean user input before showing it on a webpage. Because of this, an attacker may insert unwanted HTML co... | 4.7 | MEDIUM | β | 0 |
| CVE-2026-3888 Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up thi... | 7.8 | HIGH | β | 0 |
| CVE-2026-4324 A flaw was found in the Katello plugin for Red Hat Satellite. This vulnerability, caused by improper sanitization of user-provided input, allows a remote attacker to inject arbitrary SQL commands into... | 5.4 | MEDIUM | β | 0 |
| CVE-2025-13406 NULL Pointer Dereference vulnerability in Softing Industrial Automation GmbH smartLink SW-HT (Webserver modules) allows HTTP DoS.This issue affects smartLink SW-HT: 1.43. | N/A | NONE | β | 0 |
| CVE-2026-3564 A condition in ScreenConnect may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scen... | 9.0 | CRITICAL | β | 0 |
| CVE-2026-4318 A vulnerability was determined in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formApLbConfig. This manipulation of the argument loadBalanceNameOld causes buf... | 8.8 | HIGH | β | 0 |
| CVE-2026-21886 OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.9.1, the GraphQL mutations "IndividualDeletionDeleteMutation" is intended to all... | 6.5 | MEDIUM | β | 0 |
| CVE-2026-23759 Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated OS command injection via the restricted shell accessed over Telnet or SSH. The shell 'ps' command doe... | 7.2 | HIGH | β | 0 |
| CVE-2026-24901 Outline is a service that allows for collaborative documentation. Prior to 1.4.0, an Insecure Direct Object Reference (IDOR) vulnerability in the document restoration logic allows any team member to u... | 8.1 | HIGH | β | 0 |
| CVE-2026-25770 Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 3.9.0 and prior to version 4.14.3, a privilege escalation vulnerability exists in the ... | 9.1 | CRITICAL | β | 0 |
| CVE-2026-32294 JetKVM prior to 0.5.4 does not verify the authenticity of downloaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding SHA256 has... | 4.7 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.