Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2026-39543 Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through <= 2.21.4. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-39561 Missing Authorization vulnerability in WP Chill Revive.so revive-so allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Revive.so: from n/a through <= 2.0.7. | 5.3 | MEDIUM | — | 0 |
| CVE-2026-39563 Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share This Image: from n/a thr... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-39565 Missing Authorization vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpTravelly: from n/a th... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-39569 Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List 12-step-meeting-list allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 12 Step Meeti... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-39592 Missing Authorization vulnerability in Andy Ha DEPART depart-deposit-and-part-payment-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DEPART: from n/... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-39605 Missing Authorization vulnerability in Obadiah Super Custom Login super-custom-login allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Custom Login: from... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-39607 Missing Authorization vulnerability in Wpbens Filter Plus filter-plus allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filter Plus: from n/a through <= 1.1.17... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-39613 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in kutethemes Boutique kute-boutique allows PHP Local File Inclusion.This issue af... | 7.5 | HIGH | — | 0 |
| CVE-2026-40023 Apache Log4cxx's XMLLayout https://logging.apache.org/log4cxx/1.7.0/classlog4cxx_1_1xml_1_1XMLLayout.html , in versions before 1.7.0, fails to sanitize characters forbidden by the XML 1.0 specificat... | N/A | NONE | — | 0 |
| CVE-2026-40223 In systemd 258 before 260, a local unprivileged user can trigger an assert when a Delegate=yes and User=<unset> unit exists and is running. | 4.7 | MEDIUM | — | 0 |
| CVE-2026-40224 In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace. | 6.7 | MEDIUM | — | 0 |
| CVE-2026-40225 In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output. | 6.4 | MEDIUM | — | 0 |
| CVE-2026-40226 In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file. | 6.4 | MEDIUM | — | 0 |
| CVE-2026-40227 In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element. | 6.2 | MEDIUM | — | 0 |
| CVE-2026-40228 In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set. | 2.9 | LOW | — | 0 |
| CVE-2026-22560 An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint. | N/A | NONE | — | 0 |
| CVE-2026-35595 Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the CanUpdate check at pkg/models/project_permissions.go:139-148 only requires CanWrite on the new parent project when c... | 8.3 | HIGH | — | 0 |
| CVE-2026-35596 Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the hasAccessToLabel function contains a SQL operator precedence bug that allows any authenticated user to read any labe... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-35656 OpenClaw before 2026.3.22 contains an authentication bypass vulnerability in the X-Forwarded-For header processing when trustedProxies is configured, allowing attackers to spoof loopback hops. Remote ... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-35657 OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in the HTTP /sessions/:sessionKey/history route that skips operator.read scope validation. Attackers can access session history... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-35658 OpenClaw before 2026.3.2 contains a filesystem boundary bypass vulnerability in the image tool that fails to honor tools.fs.workspaceOnly restrictions. Attackers can traverse sandbox bridge mounts out... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-35659 OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can ex... | 4.6 | MEDIUM | — | 0 |
| CVE-2026-35660 OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint that allows callers with operator.write permission to reset admin sessions. Attacke... | 8.1 | HIGH | — | 0 |
| CVE-2026-35661 OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Telegram callback query handling that allows attackers to mutate session state without satisfying normal DM pairing requirem... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-35662 OpenClaw before 2026.3.22 fails to enforce controlScope restrictions on the send action, allowing leaf subagents to message controlled child sessions beyond their authorized scope. Attackers can explo... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-40156 PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI automatically loads a file named tools.py from the current working directory to discover and register custom agent tools. This load... | 7.8 | HIGH | — | 0 |
| CVE-2026-40157 PraisonAI is a multi-agent teams system. Prior to 4.5.128, cmd_unpack in the recipe CLI extracts .praison tar archives using raw tar.extract() without validating archive member paths. A .praison bundl... | N/A | NONE | — | 0 |
| CVE-2026-40158 PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI's AST-based Python sandbox can be bypassed using type.__getattribute__ trampoline, allowing arbitrary code execution when running u... | 8.6 | HIGH | — | 0 |
| CVE-2026-40159 PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI’s MCP (Model Context Protocol) integration allows spawning background servers via stdio using user-supplied command strings (e.g., ... | 5.5 | MEDIUM | — | 0 |
| CVE-2026-40160 PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, web_crawl's httpx fallback path passes user-supplied URLs directly to httpx.AsyncClient.get() with follow_redirects=True and no host va... | N/A | NONE | — | 0 |
| CVE-2026-31063 UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the pools parameter of the formArpBindConfig function. This vulnerability allows attackers to cause a Denial of... | 4.5 | MEDIUM | — | 0 |
| CVE-2026-5867 Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-5869 Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-5886 Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromi... | 7.5 | HIGH | — | 0 |
| CVE-2025-70365 A stored cross-site scripting (XSS) vulnerability exists in Kiamo before 8.4 due to improper output encoding of user-supplied input in administrative interfaces. An authenticated administrative user c... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-33005 Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID (meta... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-33266 Use of Hard-coded Cryptographic Key vulnerability in Apache OpenMeetings. The remember-me cookie encryption key is set to default value in openmeetings.properties and not being auto-rotated. In case ... | 7.5 | HIGH | — | 0 |
| CVE-2025-63238 A Reflected Cross-Site Scripting (XSS) affects LimeSurvey versions prior to 6.15.11+250909, due to the lack of validation of gid parameter in getInstance() function in application/models/QuestionCreat... | 6.1 | MEDIUM | — | 0 |
| CVE-2026-29129 Configured cipher preference order not preserved vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.16 through 11.0.18, from 10.1.51 through 10.1.52, from 9.0.114 through 9.0... | 7.5 | HIGH | — | 0 |
| CVE-2026-32932 Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vulnerability in the session course edit page allows an attacker to redirect an authenticated administrat... | 4.7 | MEDIUM | — | 0 |
| CVE-2026-33141 Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the REST API stats endpoint allows any authenticated user (including low-p... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-40162 Bugsink is a self-hosted error tracking tool. In 2.1.0, an authenticated file write vulnerability was identified in Bugsink 2.1.0 in the artifact bundle assembly flow. A user with a valid authenticati... | 7.1 | HIGH | — | 0 |
| CVE-2026-40163 Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.5, 1.5.5, and 1.6.0-beta.4, the POST /sync/offline_changes endpoint allows an unauthenticated attacker to cre... | 8.2 | HIGH | — | 0 |
| CVE-2026-27460 Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.5, a critical Denial of Service (DoS) vulnerability was in the recipe import functiona... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-33618 Chamilo LMS is a learning management system. Prior to .0.0-RC.3, the PlatformConfigurationController::decodeSettingArray() method uses PHP's eval() to parse platform settings from the database. An att... | 8.8 | HIGH | — | 0 |
| CVE-2026-33698 Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the main/install/ directory and allow an unauthenticated attacker to modify e... | N/A | NONE | — | 0 |
| CVE-2026-5708 Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio (RES) prior to version 2026.03 could allow an authenticated remote user to es... | 8.8 | HIGH | — | 0 |
| CVE-2026-20884 An integer overflow vulnerability exists in the deflate_dng_load_raw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can prov... | 8.1 | HIGH | — | 0 |
| CVE-2026-20889 A heap-based buffer overflow vulnerability exists in the x3f_thumb_loader functionality of LibRaw Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can... | 9.8 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.