Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
147 articles

#NVD

All CosmicBytez Labs articles tagged #NVD, across news, security advisories, how-to guides, and projects.

  • SecurityJul 17, 2026

    CVE-2026-15982: WordPress Aimogen Pro Plugin Privilege Escalation (CVSS 9.8)

    Critical privilege escalation in the Aimogen Pro WordPress plugin (all versions up to 2.8.4) — missing capability check on AI function allows any authenticated user to gain administrator-level access.

  • SecurityJul 14, 2026

    CVE-2026-14453: Critical SSTI to RCE in Centreon Open Tickets (CVSS 9.6)

    A critical Server-Side Template Injection vulnerability in Centreon's centreon-open-tickets module allows unauthenticated attackers to achieve Remote Code Execution via the unsanitized message_confirm field.

  • SecurityJul 12, 2026

    CVE-2026-15488: Unrestricted File Upload in shiroiAdmin Enables Remote Code Execution

    A high-severity unrestricted file upload vulnerability in shiroiAdmin versions 1.1 and 1.3 allows unauthenticated remote attackers to upload PHP webshells and achieve remote code execution.

  • SecurityJul 9, 2026

    CVE-2026-47831: Weak RNG in BOSH Windows Stemcell Builder Enables Remote Password Prediction

    A cryptographically weak random number generator in the GenerateRandomPassword function of bosh-windows-stemcell-builder allows remote attackers to...

  • SecurityJul 8, 2026

    CVE-2026-12153: WP Learn Manager Plugin — Unauthenticated Authorization Bypass Allows Plugin Installation

    A critical CVSS 9.8 authorization bypass in the WP Learn Manager WordPress plugin allows unauthenticated attackers to install and activate arbitrary...

  • SecurityJul 8, 2026

    CVE-2026-14487: WordPress Simple Coherent Form Plugin — Critical Unauthenticated File Deletion

    A critical CVSS 9.1 vulnerability in the Simple Coherent Form WordPress plugin allows unauthenticated attackers to delete arbitrary files on the server,...

  • SecurityJul 8, 2026

    CVE-2026-9695: DELMIA Apriso Manufacturing MES — Improper Authentication Enables Privileged Server Access

    A critical CVSS 9.8 improper authentication vulnerability in Dassault Systèmes DELMIA Apriso (releases 2020–2026) allows unauthenticated attackers to gain...

  • SecurityJul 8, 2026

    CVE-2026-9701: WordPress Eventer Plugin — Insecure Password Reset Enables Account Takeover

    A critical CVSS 9.8 vulnerability in the Eventer WordPress plugin exposes plaintext password reset keys in user meta, allowing unauthenticated attackers...

  • SecurityJul 6, 2026

    CVE-2026-14771: SQL Injection in SourceCodester Class and Exam Timetabling System

    An unauthenticated remote SQL injection vulnerability in SourceCodester's Class and Exam Timetabling System 1.0 allows attackers to manipulate the id...

  • SecurityJul 4, 2026

    CVE-2026-14622: Missing Authentication in Restaurant Website PHP/MySQL AJAX Endpoint

    A missing authentication vulnerability (CVSS 7.3) in the jairiidriss/restaurant-website-php-mysql project exposes the /admin/ajax_files endpoint to...

  • SecurityJul 4, 2026

    CVE-2026-4321: Critical SQL Injection in Raera Destekz Plugin (No Patch Available)

    A CVSS 9.8 critical SQL injection in the Destekz plugin by Raera - Ankara Web Design allows unauthenticated remote attackers full database access. The...

  • SecurityJul 4, 2026

    CVE-2026-49814: Dell PowerProtect Data Domain OS Command Injection

    A high-severity OS command injection vulnerability in Dell PowerProtect Data Domain allows authenticated remote attackers to execute arbitrary commands...

  • SecurityJul 2, 2026

    CVE-2026-14198: Fastify Middie Middleware Path Bypass (CVSS 9.1)

    Critical path bypass vulnerability in @fastify/middie versions 9.1.0 through 9.3.2 allows attackers to evade middleware protection by exploiting a %2F...

  • SecurityJul 2, 2026

    CVE-2026-52186: Critical SQL Injection RCE in UTT nv518G Router

    A critical SQL injection vulnerability (CVSS 9.8) in the UTT nv518G router allows unauthenticated remote attackers to execute arbitrary code via the...

  • SecurityJul 1, 2026

    CVE-2025-36359: IBM DevOps Session Hijacking Vulnerability (CVSS 8.1)

    IBM DevOps Automation and IBM DevOps Loop fail to invalidate session IDs after expiration, allowing authenticated attackers to impersonate other users via...

  • SecurityJul 1, 2026

    CVE-2026-9711: Critical SQL Injection in EventON WordPress Plugin (CVSS 9.8)

    A critical unauthenticated SQL injection vulnerability in the EventON WordPress Virtual Event Calendar Plugin affects versions up to 5.0.11, exposing...

  • SecurityJun 30, 2026

    CVE-2026-12073: ProfileGrid WordPress Plugin Critical Privilege Escalation

    A critical CVSS 9.8 vulnerability in the ProfileGrid WordPress plugin allows unauthenticated attackers to take over any user account and escalate...

  • SecurityJun 30, 2026

    CVE-2026-13550: SQL Injection in itsourcecode Baptism Information Management System 1.0

    A high-severity SQL injection vulnerability has been identified in itsourcecode Baptism Information Management System 1.0, allowing remote attackers to...

  • SecurityJun 30, 2026

    CVE-2026-13551: SQL Injection in itsourcecode Baptism Information Management System 1.0 (editBaptism.php)

    A second high-severity SQL injection vulnerability has been disclosed in itsourcecode Baptism Information Management System 1.0, this time affecting the...

  • SecurityJun 30, 2026

    CVE-2026-57331: Critical Arbitrary File Deletion in Paid Videochat Turnkey Site

    A CVSS 9.9 critical vulnerability in the Paid Videochat Turnkey Site WordPress plugin allows authenticated performer-role users to delete arbitrary files...

  • SecurityJun 29, 2026

    CVE-2026-13521: SQL Injection in SourceCodester Class and Exam Timetabling System

    A remotely exploitable SQL injection vulnerability affects SourceCodester Class and Exam Timetabling System 1.0 via the course_year_section parameter in...

  • SecurityJun 29, 2026

    CVE-2026-49048: Critical SQL Injection in JoomCCK Joomla Extension

    A critical unauthenticated SQL injection vulnerability (CVSS 9.8) in the JoomCCK Joomla extension allows attackers to read, modify, or delete database...

  • SecurityJun 28, 2026

    CVE-2026-13485: SQL Injection in SourceCodester Class and Exam Timetabling System

    A high-severity SQL injection vulnerability in SourceCodester's Class and Exam Timetabling System 1.0 allows unauthenticated remote attackers to...

  • SecurityJun 28, 2026

    CVE-2026-13486: SQL Injection in SourceCodester Class and Exam Timetabling System (preview6.php)

    A second high-severity SQL injection vulnerability in SourceCodester Class and Exam Timetabling System 1.0 targets /preview6.php via the...

  • SecurityJun 28, 2026

    CVE-2026-13487: SQL Injection in SourceCodester Timetabling System (/archive.php)

    A high-severity SQL injection vulnerability in SourceCodester Class and Exam Timetabling System 1.0 allows unauthenticated attackers to manipulate the...

  • SecurityJun 28, 2026

    CVE-2026-13488: SQL Injection in SourceCodester Timetabling System (/preview7.php)

    A high-severity SQL injection vulnerability in SourceCodester Class and Exam Timetabling System 1.0 allows unauthenticated attackers to manipulate the...

  • SecurityJun 28, 2026

    CVE-2026-13498: SQL Injection in Restaurant Management System via Password Reset

    A high-severity SQL injection vulnerability in yashpokharna2555's restaurant management system allows unauthenticated attackers to exploit the...

  • SecurityJun 28, 2026

    CVE-2026-58053: Newly Disclosed Informational Vulnerability

    CVE-2026-58053 was disclosed on June 28, 2026 with an informational severity rating. NVD analysis is pending; no exploitation or vendor advisory has been...

  • SecurityJun 27, 2026

    CVE-2026-54820: Critical SQL Injection in JetBooking WordPress Plugin

    A critical unauthenticated SQL injection vulnerability (CVSS 9.3) in the JetBooking WordPress plugin affects all versions up to 4.0.4.1, potentially...

  • SecurityJun 26, 2026

    CVE-2025-71327: Flowise Authentication Bypass Grants Full API Access

    A critical authentication bypass in Flowise allows unauthenticated attackers to register accounts via an unprotected API endpoint and gain full platform...

  • SecurityJun 26, 2026

    CVE-2026-56445: DICOM qrscp Path Traversal Enables Arbitrary File Write

    A critical path traversal vulnerability in the qrscp DICOM application allows unauthenticated attackers to write files to arbitrary server paths via...

  • SecurityJun 19, 2026

    CVE-2026-54414: FileRise Path Traversal Enables Arbitrary File Write and Admin Takeover

    A critical path traversal vulnerability in FileRise before 3.16.0 allows unauthenticated attackers to write arbitrary files and completely compromise...

  • SecurityJun 19, 2026

    CVE-2026-7515: BetterDocs Pro WordPress Plugin — Unauthenticated Local File Inclusion

    A critical Local File Inclusion vulnerability in the BetterDocs Pro WordPress plugin (up to v3.8.0) allows unauthenticated attackers to include and...

  • SecurityJun 16, 2026

    CVE-2026-39574: Critical SQL Injection in InPost Gallery WordPress Plugin

    A critical unauthenticated SQL injection vulnerability (CVSS 9.3) in the InPost Gallery WordPress plugin allows attackers to extract sensitive database...

  • SecurityJun 16, 2026

    CVE-2026-6933: Unauthenticated RCE in Premmerce Dev Tools WordPress Plugin

    A high-severity unauthenticated remote code execution vulnerability (CVSS 8.8) in Premmerce Dev Tools for WordPress allows attackers to execute arbitrary...

  • SecurityJun 14, 2026

    CVE-2026-5513: Bookly WordPress Plugin Stored XSS via Cookie

    The Bookly scheduling plugin for WordPress contains a stored cross-site scripting vulnerability in versions up to 27.2, allowing unauthenticated attackers...

  • SecurityJun 13, 2026

    CVE-2026-47131: vm2 Sandbox Escape via Buffer Prototype Hijack (CVSS 10.0)

    A CVSS 10.0 critical sandbox escape in vm2 for Node.js allows sandboxed code to obtain the host TypeError constructor via Buffer.__lookupGetter__ abuse,...

  • SecurityJun 13, 2026

    CVE-2026-47137: vm2 Sandbox Escape via Strict Equality require Bypass (CVSS 10.0)

    A CVSS 10.0 critical sandbox escape in vm2 for Node.js allows attackers to bypass the require: false security option using falsy values, circumventing the...

  • SecurityJun 13, 2026

    CVE-2026-47140: vm2 Sandbox Escape via Incomplete Builtin Denylist (CVSS 10.0)

    A CVSS 10.0 critical sandbox escape in vm2 for Node.js allows sandboxed code to access the host process via the process and inspector/promises builtins,...

  • SecurityJun 13, 2026

    CVE-2026-47208: vm2 General Sandbox Breakout — Arbitrary Host Execution (CVSS 10.0)

    A CVSS 10.0 critical vulnerability in vm2 for Node.js allows sandbox code to escape and execute arbitrary OS commands on the host system. Patched in vm2 3.11.4.

  • SecurityJun 12, 2026

    CVE-2026-41005: Cloud Foundry UAA SAML Signature Bypass

    A high-severity vulnerability (CVSS 9.0) in Cloud Foundry UAA allows attackers to bypass authentication by exploiting the incorrect treatment of XML...

  • SecurityJun 6, 2026

    CVE-2026-11334: SQL Injection in College Management System

    A high-severity SQL injection vulnerability (CVSS 7.3) in CollegeManagementSystem allows attackers to manipulate the department_code parameter in…

  • SecurityJun 6, 2026

    CVE-2026-7537: MDJM Event Management WordPress Plugin Arbitrary File Upload

    A high-severity arbitrary file upload vulnerability in the MDJM Event Management plugin for WordPress allows authenticated attackers to upload malicious files…

  • SecurityJun 6, 2026

    CVE-2026-9851: WordPress Booking Package Plugin Privilege Escalation via Account Takeover

    A high-severity privilege escalation vulnerability in the Booking Package WordPress plugin allows unauthenticated or low-privileged attackers to take over…

  • SecurityJun 5, 2026

    CVE-2026-50208: TLS Bypass and Hard-Coded DES Keys Enable MITM Attacks

    A critical CVSS 9.4 vulnerability disables TLS certificate validation via TrustAllCerts routines and combines this with hard-coded DES symmetric encryption…

  • SecurityJun 5, 2026

    CVE-2026-50211: Leftover Engineering Diagnostics Grant Malicious Apps NVRAM Write Access

    A critical CVSS 9.8 vulnerability exposes factory-level diagnostic interfaces left in retail firmware builds, allowing malicious applications to gain write…

  • SecurityJun 3, 2026

    CVE-2025-14771: ABB T-MAC Plus Critical File & Directory Exposure (CVSS 9.9)

    A CVSS 9.9 critical vulnerability in ABB T-MAC Plus v4.0-24 exposes internal files and directories to external parties, allowing unauthenticated attackers to…

  • SecurityJun 3, 2026

    CVE-2026-35075: Hardcoded Default Password in Firmware Enables Full Device Takeover (CVSS 9.8)

    A CVSS 9.8 critical vulnerability allows unauthenticated remote attackers to recover a default hardcoded password from a firmware image, granting full…

  • SecurityJun 3, 2026

    CVE-2026-4035: MLflow AI Gateway Credential Exfiltration via Env Variable Resolution

    A CVSS 9.1 critical flaw in MLflow AI Gateway allows server-side environment variables in api_key fields to be resolved and exfiltrated to attacker-controlled…

  • SecurityJun 3, 2026

    CVE-2026-42849: authentik Critical XSS in AutosubmitStage (CVSS 9.3)

    A critical cross-site scripting vulnerability in authentik's Simple Flow Executor AutosubmitStage allows attackers to execute arbitrary JavaScript via a…

  • SecurityJun 3, 2026

    CVE-2026-47065: Java Deserialization Filter Bypass via resolveProxyClass (CVSS 9.8)

    A CVSS 9.8 critical Java deserialization vulnerability allows attackers to bypass ObjectInputFilter via TC_PROXYCLASSDESC, circumventing acceptMatchers…

  • SecurityJun 3, 2026

    CVE-2026-49448: authentik Source Stage Authentication Bypass (CVSS 9.8)

    A critical authentication bypass in authentik allows attackers to skip the Source stage entirely by sending an empty POST request, completely circumventing…

  • SecurityJun 2, 2026

    CVE-2018-25427: Arm Whois 3.11 Stack-Based Buffer Overflow RCE

    A critical stack-based buffer overflow vulnerability in Arm Whois 3.11 (CVSS 9.8) allows remote attackers to execute arbitrary code by supplying oversized…

  • SecurityJun 2, 2026

    CVE-2026-10236: Improper Authorization in SourceCodester Water Billing Management System

    A remotely exploitable improper authorization vulnerability in the SourceCodester Water Billing Management System 1.0 allows unauthenticated attackers to…

  • SecurityJun 2, 2026

    CVE-2026-10263: SQL Injection in SourceCodester Computer Repair Shop Management System

    A CVSS 7.3 SQL injection vulnerability in SourceCodester's Computer Repair Shop Management System v1.0 allows remote attackers to extract sensitive data via…

  • SecurityJun 2, 2026

    CVE-2026-27788: Fujitsu ServerView Agents Privilege Escalation to SYSTEM

    An incorrect permission assignment vulnerability in Fujitsu ServerView Agents for Windows V11.60.04 and earlier allows a local authenticated attacker to…

  • SecurityJun 2, 2026

    CVE-2026-8206: Kirki WordPress Plugin Critical Privilege Escalation via Account Takeover

    The Kirki Freeform Page Builder plugin for WordPress (versions 6.0.0–6.0.6) allows unauthenticated attackers to take over any user account during password…

  • SecurityJun 2, 2026

    CVE-2026-8293: Really Simple Security WordPress Plugin 2FA Authentication Bypass

    The Really Simple Security WordPress plugin before 9.5.10.1 fails to enforce the second-factor challenge on two REST API endpoints, allowing attackers with a…

  • SecurityMay 31, 2026

    CVE-2018-25405: Multiple SQL Injections in eNdonesia Portal 8.7

    Multiple unauthenticated SQL injection vulnerabilities in eNdonesia Portal 8.7 allow attackers to extract sensitive database contents via the artid, cid,...

  • SecurityMay 31, 2026

    CVE-2018-25406: SQL Injection Across eNdonesia Portal 8.7 Modules

    Multiple unauthenticated SQL injection vulnerabilities in eNdonesia Portal 8.7 expose the publisher, artikel, and info modules to database extraction...

  • SecurityMay 31, 2026

    CVE-2018-25411: SQL Injection in MGB OpenSource Guestbook 0.7.0.2

    An unauthenticated SQL injection vulnerability in MGB OpenSource Guestbook 0.7.0.2 allows attackers to extract sensitive database contents via the 'id'...

  • SecurityMay 31, 2026

    CVE-2018-25412: Arbitrary File Upload RCE in Delta Sql 1.8.2

    A critical unauthenticated arbitrary file upload vulnerability in Delta Sql 1.8.2 allows attackers to upload malicious PHP files and achieve remote code...

  • SecurityMay 31, 2026

    CVE-2026-10167: School Student Management System Cookie Auth Bypass

    A high-severity authentication bypass vulnerability in OUSL-GROUP BrinaryBrains School Student Management System allows manipulation of the sign_auth_cookie…

  • NewsMay 30, 2026

    Federal Audit Reveals NIST's NVD Is Plagued by Poor Planning and Duplication

    A Commerce Inspector General report exposes how mismanagement allowed a backlog of more than 27,000 unprocessed security flaws to grow unchecked in the...

  • SecurityMay 30, 2026

    CVE-2026-10110: SQL Injection in Student Details Management System 1.0

    A remotely exploitable SQL injection vulnerability in code-projects Student Details Management System 1.0 allows attackers to manipulate database queries...

  • SecurityMay 30, 2026

    CVE-2026-7459: WordPress Simple History Plugin Account Takeover

    A broken authentication check in the Simple History WordPress plugin (versions up to 5.26.0) allows Subscriber-level users to take over any WordPress...

  • SecurityMay 30, 2026

    CVE-2026-9757: GEO my WP Plugin SQL Injection via Query String Bypass

    The GEO my WP WordPress plugin (versions up to 4.5.5) is vulnerable to unauthenticated SQL injection via the swlatlng and nelatlng parameters, which...

  • SecurityMay 29, 2026

    CVE-2026-4408: Samba OS Command Injection via Check Password Script

    A CVSS 9.0 OS command injection flaw in Samba allows remote attackers to execute arbitrary commands on file servers and domain controllers using the %u...

  • SecurityMay 28, 2026

    CVE-2026-32999: Comet Backup Server Code Execution via Signing Module

    A CVSS 9.0 code execution flaw in Comet Backup's backup agent signing module allows an authenticated tenant administrator to execute arbitrary code on...

  • SecurityMay 27, 2026

    CVE-2026-8450: HTTP::Daemon Perl OS Command Injection via send_file()

    OS command injection (CVSS 9.1) in Perl's HTTP::Daemon lets attackers run arbitrary commands via magic prefix abuse in send_file's two-arg open().

  • SecurityMay 26, 2026

    CVE-2026-9525: SQL Injection in itsourcecode Electronic

    A remotely exploitable SQL injection vulnerability in the admin panel of itsourcecode Electronic Judging System 1.0 allows attackers to manipulate database.

  • SecurityMay 22, 2026

    CVE-2026-39531: WP Directory Kit Blind SQL Injection (CVSS

    A critical blind SQL injection vulnerability in the WP Directory Kit WordPress plugin allows unauthenticated attackers to exfiltrate the entire WordPress...

  • SecurityMay 22, 2026

    CVE-2026-48207: Apache Fury PyFury Deserialization RCE

    A critical deserialization vulnerability in Apache Fury's Python library PyFury allows attackers to bypass DeserializationPolicy validation hooks via the...

  • SecurityMay 22, 2026

    WP ERP Pro SQL Injection via search_key Parameter

    A CVSS 7.5 SQL injection vulnerability in the WP ERP Pro WordPress plugin (all versions up to 1.5.1) allows unauthenticated attackers to extract sensitive...

  • SecurityMay 22, 2026

    CVE-2026-5433: Honeywell CNM Critical Command Injection RCE

    A CVSS 9.1 critical command injection vulnerability in Honeywell's Control Network Module web interface allows remote attackers to execute arbitrary...

  • SecurityMay 21, 2026

    CVE-2026-44050 — Netatalk CNID Daemon Heap Buffer Overflow

    A heap-based buffer overflow in the Netatalk CNID daemon comm_rcv() function allows a remote authenticated attacker to execute arbitrary code with...

  • SecurityMay 20, 2026

    GlassFish Administration Console Authenticated RCE

    An authenticated Remote Code Execution vulnerability in GlassFish's Administration Console (CVSS 9.1) allows users with panel access to execute arbitrary...

  • SecurityMay 20, 2026

    GlassFish Gadget Handler Expression Language RCE

    A critical CVSS 9.6 Remote Code Execution vulnerability in GlassFish's server-side gadget handler allows attackers to inject Expression Language...

  • SecurityMay 20, 2026

    scalar/astro Proxy Endpoint Unauthenticated SSRF

    A critical CVSS 9.8 Server-Side Request Forgery vulnerability in scalar/astro v0.1.13 allows unauthenticated attackers to force the backend server to make...

  • SecurityMay 19, 2026

    CVE-2026-39079: PrestaShop UPS Shipping Module Sensitive

    CVE-2026-39079 is a CVSS 7.5 (High) information disclosure vulnerability in the PrestaShop upsshipping module affecting all versions through 2.4.0. Remote...

  • SecurityMay 16, 2026

    CVE-2020-37228: iDS6 DSSPro Digital Signage CAPTCHA

    A critical CVSS 9.8 vulnerability in iDS6 DSSPro Digital Signage System 6.2 allows attackers to retrieve valid CAPTCHA codes from the login endpoint and...

  • SecurityMay 16, 2026

    CVE-2020-37239: libbabl 0.1.62 Broken Double-Free Detection

    A critical CVSS 9.8 memory safety flaw in libbabl 0.1.62 allows attackers to call babl_free() twice on the same pointer without triggering the library's...

  • SecurityMay 16, 2026

    WordPress Form Notify Plugin Auth Bypass via LINE OAuth

    The Form Notify plugin for WordPress is vulnerable to authentication bypass in versions up to and including 1.1.10. Attackers can manipulate...

  • SecurityMay 16, 2026

    DAEMON Tools Lite Supply Chain Attack via Trojanized

    A supply chain attack compromised official DAEMON Tools Lite installation packages distributed from daemon-tools.cc between April 8 and May 5, 2026,...

  • SecurityMay 12, 2026

    CVE-2026-28872: Apple iOS & iPadOS Remote Denial-of-Service

    A CVSS 7.5 denial-of-service vulnerability in Apple iOS and iPadOS allows a remote attacker to exhaust device resources and crash the operating system...

  • SecurityMay 9, 2026

    CVE-2026-37431: Beauty Parlour Management System SQL

    A critical unauthenticated SQL injection vulnerability in Beauty Parlour Management System v1.1 allows attackers to dump the entire backend database via a...

  • SecurityMay 9, 2026

    CVE-2026-41583: ZEBRA Zcash Node Consensus Rule Bypass

    A missing sighash validation in ZEBRA, the Rust-based Zcash node, allowed invalid V5 transactions to pass consensus checks — patched in zebrad 4.3.1 and...

  • SecurityMay 9, 2026

    CVE-2026-41588: RELATE Courseware Timing Attack in Authentication (CVSS 9.0)

    A timing attack vulnerability in RELATE's check_sign_in_key() function could allow attackers to infer valid sign-in keys through response time differences...

  • SecurityMay 9, 2026

    CVE-2026-42193: Plunk Email Platform SNS Webhook Forgery

    A critical unauthenticated vulnerability in Plunk, the open-source AWS SES email platform, allows attackers to forge Amazon SNS webhook payloads without...

  • SecurityMay 8, 2026

    CVE-2026-33109: Azure Managed Instance for Apache Cassandra

    A critical improper access control flaw in Azure Managed Instance for Apache Cassandra allows an authorized network attacker to execute arbitrary code,...

  • SecurityMay 3, 2026

    CVE-2026-5324: WordPress Brizy Page Builder Unauthenticated

    The Brizy Page Builder plugin for WordPress contains a critical unauthenticated Stored Cross-Site Scripting flaw in versions up to 2.8.11, enabling...

  • SecurityApr 30, 2026

    CVE-2026-7381: Plack::Middleware::XSendfile

    A critical CVSS 9.1 vulnerability in Plack::Middleware::XSendfile versions through 1.0053 allows remote attackers to control the X-Sendfile-Type header,...

  • SecurityApr 29, 2026

    Snap One WattBox 800/820 Diagnostic Auth Bypass

    A CVSS 9.8 critical vulnerability in Snap One WattBox 800 and 820 series firmware exposes undisclosed diagnostic HTTP endpoints protected only by the...

  • SecurityApr 29, 2026

    Google Chrome GPU Use-After-Free Sandbox Escape

    A CVSS 9.6 critical use-after-free vulnerability in the GPU component of Google Chrome prior to 147.0.7727.138 allows a remote attacker to potentially...

  • SecurityApr 27, 2026

    CVE-2026-6785: Memory Safety Bugs in Firefox and Thunderbird Enable Arbitrary Code Execution

    A CVSS 8.1 high-severity collection of memory safety bugs affects Firefox 149, Firefox ESR 140.9, Firefox ESR 115.34, Thunderbird 149, and Thunderbird ESR...

  • SecurityApr 27, 2026

    CVE-2026-7037: Unauthenticated OS Command Injection in Totolink A8000RU

    A critical CVSS 9.8 OS command injection vulnerability in the Totolink A8000RU router allows unauthenticated remote attackers to execute arbitrary...

  • SecurityApr 26, 2026

    CVE-2026-7002: SQL Injection in KLiK SocialMediaWebsite

    CVE-2026-7002 is a CVSS 7.3 SQL injection vulnerability in KLiK SocialMediaWebsite up to version 1.0.1, exploitable remotely via the c_id parameter in the...

  • SecurityApr 26, 2026

    Typecho 1.3.0 Pingback SSRF via X-Pingback Manipulation

    A CVSS 7.3 server-side request forgery vulnerability in Typecho up to 1.3.0 allows attackers to manipulate the X-Pingback/link argument in Service.php to...

  • SecurityApr 25, 2026

    CVE-2026-21515: Azure IoT Central Elevation of Privilege

    A critical CVSS 9.9 elevation of privilege vulnerability in Azure IoT Central allows an authenticated attacker to escalate privileges over a network by...

  • SecurityApr 23, 2026

    CVE-2018-25270: ThinkPHP 5.0.23 Remote Code Execution via Routing Parameter

    ThinkPHP 5.0.23 contains a critical unauthenticated remote code execution vulnerability allowing attackers to invoke arbitrary PHP functions via a crafted...

  • SecurityApr 23, 2026

    CVE-2018-25272: ELBA5 5.8.0 RCE via Default Database

    ELBA5 5.8.0 contains a critical remote code execution vulnerability where default database connector credentials allow attackers to connect to the...

  • SecurityApr 23, 2026

    CVE-2026-33656: EspoCRM Formula Engine Attachment sourceId

    A critical improper access control vulnerability in EspoCRM's built-in formula scripting engine allows authenticated administrators to overwrite the...

  • SecurityApr 23, 2026

    CVE-2026-41167: Jellystat Authenticated SQL Injection in Multiple API Endpoints (CVSS 9.1)

    A critical SQL injection vulnerability in Jellystat, the open-source statistics app for Jellyfin, allows authenticated users to execute arbitrary SQL...

  • SecurityApr 23, 2026

    CVE-2026-4119: WordPress Create DB Tables Plugin

    A critical CVSS 9.1 authorization bypass in the WordPress Create DB Tables plugin (all versions up to 1.2.1) allows unauthenticated users to create or...

  • SecurityApr 22, 2026

    CVE-2026-21997: Oracle Life Sciences Empirica Signal

    A high-severity vulnerability in Oracle Life Sciences Empirica Signal versions 9.2.1-9.2.3 allows a low-privileged attacker with network access via HTTP...

  • SecurityApr 21, 2026

    CVE-2026-5965: NewSoftOA Critical OS Command Injection

    A critical OS command injection vulnerability in NewSoftOA by NewSoft allows unauthenticated local attackers to inject and execute arbitrary OS commands...

  • NewsApr 19, 2026

    NIST to Stop Rating Non-Priority Flaws Due to Volume

    The National Institute of Standards and Technology will stop assigning CVSS severity scores to lower-priority vulnerabilities in the NVD as CVE submission...

  • SecurityApr 19, 2026

    CVE-2026-6568: KodExplorer Path Traversal in Public Share

    A path traversal vulnerability in KodExplorer up to v4.52 allows remote attackers to read arbitrary files via the share.class.php Public Share Handler,...

  • SecurityApr 18, 2026

    CVE-2026-40285: WeGIA SQL Injection via PHP extract()

    A high-severity SQL injection vulnerability in WeGIA, a web manager for charitable institutions, allows authenticated attackers to escalate privileges by...

  • SecurityApr 11, 2026

    CVE-2026-31845: Rukovoditel CRM Reflected XSS in Zadarma

    Rukovoditel CRM versions 3.6.4 and earlier contain a critical reflected XSS vulnerability in the Zadarma telephony API endpoint. The application reflects...

  • SecurityApr 11, 2026

    CVE-2026-34621: Adobe Acrobat Reader Prototype Pollution

    Adobe Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by a critical prototype pollution vulnerability (CWE-1321) that can lead...

  • SecurityApr 9, 2026

    CVE-2026-25776: Movable Type Critical Code Injection (CVSS

    Six Apart's Movable Type CMS contains a critical code injection vulnerability allowing unauthenticated attackers to execute arbitrary Perl scripts on...

  • SecurityApr 8, 2026

    CVE-2026-4003: WordPress Users Manager PN Plugin Privilege

    A critical privilege escalation vulnerability in the Users Manager – PN WordPress plugin (v1.1.15 and below) allows unauthenticated attackers to update...

  • SecurityApr 7, 2026

    CVE-2026-26026: GLPI Template Injection Enables

    GLPI versions 11.0.0 through 11.0.5 contain a server-side template injection vulnerability in the administrator interface that allows authenticated admins...

  • SecurityApr 7, 2026

    CVE-2026-35392: Critical Path Traversal in goshs Go HTTP

    A critical CVSS 9.8 path traversal vulnerability in goshs, a SimpleHTTPServer written in Go, allows unauthenticated attackers to write arbitrary files via...

  • SecurityApr 7, 2026

    CVE-2026-5637: SQL Injection in projectworlds Car Rental

    A remotely exploitable SQL injection vulnerability (CVE-2026-5637) has been disclosed in projectworlds Car Rental System 1.0. The flaw exists in...

  • SecurityApr 6, 2026

    CVE-2019-25662: ResourceSpace 8.6 Unauthenticated SQL

    An unauthenticated SQL injection vulnerability in ResourceSpace 8.6 allows attackers to execute arbitrary database queries via the 'ref' parameter in...

  • SecurityApr 5, 2026

    CVE-2026-5534 — SQL Injection in itsourcecode Online

    A high-severity SQL injection vulnerability in itsourcecode Online Enrollment System 1.0 allows remote unauthenticated attackers to manipulate the USERID...

  • SecurityApr 5, 2026

    CVE-2026-5540 — SQL Injection in code-projects Simple

    A high-severity SQL injection vulnerability in code-projects Simple Laundry System 1.0 allows remote unauthenticated attackers to manipulate the firstName...

  • SecurityApr 4, 2026

    CVE-2026-26477: DokuWiki media_upload_xhr() Denial of Service

    A high-severity denial-of-service vulnerability in DokuWiki v.2025-05-14b 'Librarian' allows remote attackers to crash the application by exploiting the...

  • SecurityApr 3, 2026

    CVE-2026-26135: Azure Custom Locations SSRF Enables

    A critical server-side request forgery vulnerability in Azure Custom Locations Resource Provider allows an authorized attacker to elevate privileges over...

  • SecurityApr 3, 2026

    CVE-2026-33615: Critical Unauthenticated SQL Injection in setinfo Endpoint

    A critical unauthenticated SQL injection vulnerability (CVSS 9.1) in the setinfo endpoint allows remote attackers to corrupt data and cause denial of...

  • SecurityApr 2, 2026

    Juju Dqlite Cluster TLS Auth Bypass — Unauthenticated

    A CVSS 10.0 critical vulnerability in Juju versions 3.2.0–3.6.18 and 4.0–4.0.3 allows unauthenticated attackers to connect directly to the internal Dqlite...

  • SecurityApr 1, 2026

    CVE-2026-5272: Chrome GPU Heap Buffer Overflow Enables

    A high-severity heap buffer overflow in Chrome's GPU component allows remote attackers to execute arbitrary code via a crafted HTML page. Affects all...

  • SecurityMar 30, 2026

    CVE-2025-15036: MLflow Path Traversal in Archive Extraction

    A critical path traversal vulnerability in MLflow's extract_archive_to_dir function allows attackers to write arbitrary files outside the intended...

  • SecurityMar 30, 2026

    CVE-2025-15379: MLflow Command Injection in Model Serving

    A maximum-severity command injection vulnerability in MLflow's model serving container initialization allows attackers to execute arbitrary OS commands...

  • SecurityMar 30, 2026

    CVE-2026-2370: GitLab Jira Connect Credential Impersonation

    GitLab has patched a high-severity vulnerability in its Jira Connect integration affecting CE/EE versions from 14.3 through 18.10 that allowed an...

  • SecurityMar 30, 2026

    CVE-2026-32973: OpenClaw Exec Allowlist Bypass via Glob

    A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to bypass the exec allowlist by exploiting improper glob pattern normalization where the ?...

  • SecurityMar 30, 2026

    CVE-2026-32975: OpenClaw Zalouser Weak Authorization via Mutable Group Display Names

    A critical CVSS 9.8 authorization bypass in OpenClaw's Zalouser allowlist mode matches mutable group display names instead of stable identifiers, letting...

  • SecurityMar 30, 2026

    CVE-2026-32987: OpenClaw Bootstrap Code Replay Enables

    A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to replay a valid bootstrap setup code multiple times before approval, escalating device...

  • SecurityMar 29, 2026

    CVE-2026-5016: elecV2P SSRF Vulnerability in URL Handler

    A server-side request forgery vulnerability in elecV2P up to version 3.8.3 allows remote attackers to manipulate the eAxios function via the /mock...

  • SecurityMar 28, 2026

    CVE-2025-12886: Oxygen Theme SSRF Allows Unauthenticated

    A Server-Side Request Forgery vulnerability in the Oxygen Theme plugin for WordPress (all versions up to 6.0.8) enables unauthenticated attackers to make...

  • SecurityMar 28, 2026

    CVE-2026-33875: Gematik Authenticator Authentication Flow

    A critical vulnerability in Gematik Authenticator prior to version 4.16.0 allows attackers to hijack authentication sessions via malicious deep links,...

  • SecurityMar 27, 2026

    CVE-2026-33669: SiYuan Unauthenticated Document Content

    A critical unauthenticated information disclosure vulnerability in SiYuan, the personal knowledge management system, allows remote attackers to retrieve...

  • SecurityMar 27, 2026

    CVE-2026-33670: SiYuan readDir Path Traversal Notebook

    A critical path traversal vulnerability in SiYuan's /api/file/readDir interface allows unauthenticated remote attackers to traverse notebook directories...

  • SecurityMar 24, 2026

    CVE-2026-33478: AVideo CloneSite Plugin Unauthenticated RCE

    A critical chain of vulnerabilities in WWBN AVideo's CloneSite plugin allows fully unauthenticated attackers to achieve remote code execution via key...

  • SecurityMar 23, 2026

    Tenda A15 UploadCfg Stack Buffer Overflow (CVE-2026-4567)

    A CVSS 9.8 Critical stack-based buffer overflow in Tenda A15 firmware 15.13.07.13 allows unauthenticated remote attackers to execute arbitrary code by...

  • SecurityMar 23, 2026

    CVE-2026-4599: jsrsasign Private Key Recovery via DSA Nonce

    A critical flaw in jsrsasign versions 7.0.0 through 11.1.0 allows attackers to recover DSA private keys by exploiting biased nonce generation in the...

  • SecurityMar 22, 2026

    CVE-2026-3629: WordPress User Import Plugin Privilege

    The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions up to 1.29.7, allowing authenticated...

  • SecurityMar 22, 2026

    D-Link DHP-1320 SOAP Handler Stack Buffer Overflow

    A CVSS 8.8 stack-based buffer overflow in D-Link DHP-1320 firmware 1.00WWB04 allows unauthenticated remote attackers to execute arbitrary code via a...

  • SecurityMar 18, 2026

    CVE-2026-21994: Critical Unauthenticated RCE in Oracle Edge

    A critical unauthenticated remote code execution vulnerability (CVSS 9.8) in Oracle's Edge Cloud Infrastructure Designer and Visualisation Toolkit allows...

  • SecurityMar 18, 2026

    CVE-2026-30884: Critical Authorization Bypass in Moodle

    A critical (CVSS 9.6) authorization bypass vulnerability in the moodle-mod_customcert plugin allows any teacher with manage capability in a single course...

  • SecurityMar 18, 2026

    CVE-2026-32298: Angeet ES3 KVM OS Command Injection via cfg.lua Script

    A high-severity OS command injection vulnerability (CVSS 9.1) in the Angeet ES3 KVM switch allows authenticated attackers to execute arbitrary OS-level...

  • SecurityMar 17, 2026

    CVE-2015-20118: Stored XSS in RealtyScript 4.0.2 Admin

    A stored cross-site scripting vulnerability in RealtyScript 4.0.2 allows attackers to inject malicious JavaScript via the location_name parameter in the...

  • SecurityMar 7, 2026

    CVE-2018-25165: SQL Injection Disclosed in Galaxy Forces MMORPG

    A SQL injection vulnerability in Galaxy Forces MMORPG version 0.5.8 has been formally catalogued by NVD, enabling authenticated attackers to extract...

  • SecurityMar 7, 2026

    CVE-2018-25169: Denial of Service Vulnerability Catalogued

    A denial of service vulnerability in AMPPS 2.7, a local web server stack for developers, has been formally assigned CVE-2018-25169 with a CVSS score of...

  • SecurityMar 4, 2026

    CVE-2026-28775: Unauthenticated Root RCE in IDC SFX

    A critical unauthenticated RCE vulnerability in International Datacasting Corporation's SFX Series satellite receivers allows attackers to execute...