CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2025-53827 ownCloud Core: Updater has an exposed dangerous method or function 06.07.2026 9.1
CVE-2025-53830 Anti-Virus for ownCloud 10 is vulnerable to Server-Side Request Forgery (SSRF) 06.07.2026 9.1
CVE-2026-12686 Incorrect authorisation in Adiss’s Biloop 06.07.2026 9.3
CVE-2026-6900 Improper Certificate Validation 06.07.2026 9.1
CVE-2026-14807 PROG MIS|ERP App - Use of Hard-coded Credentials 06.07.2026 9.3
CVE-2026-14808 PROG MIS|Prog Management System - Exposure of Sensitive Information 06.07.2026 9.3
CVE-2026-59509 Unauthenticated arbitrary MongoDB collection read in cve-search 06.07.2026 9.2
CVE-2026-58426 Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write 06.07.2026 9.6
CVE-2026-20896 Gitea Docker image trusts spoofable reverse-proxy headers by default 05.07.2026 9.8
CVE-2026-22874 Gitea webhook and migration allow-list filtering permits SSRF 03.07.2026 9.6
CVE-2026-58289 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability 06.07.2026 9
CVE-2026-4321 SQLi in Raera's Destekz 03.07.2026 9.8
CVE-2026-14544 Hplip: incomplete fix for cve-2026-8631 06.07.2026 9.8
CVE-2026-9725 Printcart Web to Print Product Designer for WooCommerce <= 2.5.2 - Unauthenticated Arbitrary File Deletion 03.07.2026 9.1
CVE-2026-13768 Gardyn IoT Hub Use of Hard-coded Credentials 06.07.2026 9.5
CVE-2026-13368 WatchGuard Firebox Race Condition and Use-After-Free in Mobile VPN with IKEv2 LDAP Authentication 06.07.2026 9.2
CVE-2026-41106 Microsoft 365 Copilot Elevation of Privilege Vulnerability 06.07.2026 9.3
CVE-2026-45499 Azure OpenAI Elevation of Privilege Vulnerability 06.07.2026 9.9
CVE-2026-57100 Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability 06.07.2026 9.9
CVE-2026-52830 fast-mcp-telegram: Bearer token path traversal bypasses reserved Telegram session protection 06.07.2026 9.4
CVE-2026-58466 AutoBangumi < 3.2.8 - Hard-coded Default Credentials via add_default_user() 06.07.2026 9.3
CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure 06.07.2026 9.3
CVE-2022-50973 Yonyou KSOA 9.0 Unauthenticated File Upload RCE via ImageUpload Servlet 02.07.2026 9.3
CVE-2024-14037 Redsea Cloud eHR Unauthenticated File Upload RCE via PtFjk.mob 02.07.2026 9.3
CVE-2026-44935 Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer 03.07.2026 9.9
CVE-2026-58455 Dockwatch 0.6.567 Unauthenticated OS Command Injection via ajax/compose.php 06.07.2026 9.2
CVE-2026-50746 02.07.2026 10
CVE-2026-50747 02.07.2026 9.9
CVE-2026-50748 02.07.2026 9.9
CVE-2026-54400 02.07.2026 9.1
CVE-2026-54402 02.07.2026 9.9
CVE-2026-55115 02.07.2026 9.9
CVE-2026-55116 02.07.2026 9
CVE-2026-56004 obs-service-tar_scm: command injection via mercurial handler 02.07.2026 10
CVE-2026-4767 Improper Access Control in TR7's WAF-ASP 02.07.2026 9.8
CVE-2026-5524 Divi Form Builder <= 5.1.8 - Unauthenticated Arbitrary File Upload Leading to Remote Code Execution via 'acceptFileTypes' Parameter 02.07.2026 9.8
CVE-2026-27419 WordPress Zegen theme <= 1.1.9 - Arbitrary File Upload vulnerability 02.07.2026 9.9
CVE-2026-27436 WordPress Five Star Business Profile and Schema plugin <= 2.3.19 - Arbitrary Code Execution vulnerability 02.07.2026 9.1
CVE-2026-57621 WordPress Booktics plugin <= 1.0.21 - PHP Object Injection vulnerability 02.07.2026 9.8
CVE-2026-57623 WordPress W3 Total Cache plugin <= 2.9.4 - Arbitrary Code Execution vulnerability 02.07.2026 9
CVE-2026-57624 WordPress Blocksy Companion Pro plugin <= 2.1.46 - Remote Code Execution (RCE) vulnerability 02.07.2026 10
CVE-2026-57625 WordPress Admin and Site Enhancements (ASE) Pro plugin <= 8.8.5 - Cross Site Scripting (XSS) vulnerability 02.07.2026 9.6
CVE-2026-57677 WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability 02.07.2026 9.8
CVE-2026-57679 WordPress GeekyBot plugin <= 1.2.5 - SQL Injection vulnerability 02.07.2026 9.3
CVE-2026-57683 WordPress WP Fast Total Search plugin <= 1.80.280 - SQL Injection vulnerability 02.07.2026 9.3
CVE-2026-14439 Path Traversal in Altium Git Service Allows Remote Code Execution 02.07.2026 9.4
CVE-2026-58457 Shenzhen Aitemi M300 MT02 Unauthenticated OS Command Injection via protocol.csp 06.07.2026 9.3
CVE-2026-50160 Mass Assignment via Onboarding Endpoint Allows Unauthenticated JWT_SECRET Overwrite 02.07.2026 10
CVE-2026-34108 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in text.php 02.07.2026 9.3
CVE-2026-34109 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speech.php 01.07.2026 9.3
CVE-2026-34110 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in complex_start.php 01.07.2026 9.3
CVE-2026-34111 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac_text.php 01.07.2026 9.3
CVE-2026-34112 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac.php 01.07.2026 9.3
CVE-2026-34113 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speech_text.php 01.07.2026 9.3
CVE-2026-34114 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in translate_text.php 02.07.2026 9.3
CVE-2026-34115 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe_amazon.php 01.07.2026 9.3
CVE-2026-34116 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe.php 01.07.2026 9.3
CVE-2026-34117 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in text_to_subtitles.php 01.07.2026 9.3
CVE-2026-34099 Guardian Language-System Unauthenticated SQL Injection via id Parameter in job_info.php 02.07.2026 9.3
CVE-2026-34100 Guardian Language-System Unauthenticated SQL Injection via id Parameter in media.php 01.07.2026 9.3
CVE-2026-34101 Guardian Language-System Unauthenticated SQL Injection via id Parameter in text_file.php 01.07.2026 9.3
CVE-2026-34102 Guardian Language-System Unauthenticated SQL Injection via id Parameter in job_info_get.php 01.07.2026 9.3
CVE-2026-34103 Guardian Language-System Unauthenticated SQL Injection via id Parameter in subtitles.php 01.07.2026 9.3
CVE-2026-34104 Guardian Language-System Unauthenticated SQL Injection via name Parameter in designer.php 01.07.2026 9.3
CVE-2026-34105 Guardian Language-System Unauthenticated SQL Injection via id Parameter in translate_text.php 02.07.2026 9.3
CVE-2026-34106 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in subtitles.php 01.07.2026 9.3
CVE-2026-34107 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in translate.php 01.07.2026 9.3
CVE-2026-58453 JAIOTlink C492A-W6 4.8.30.57701411 Hard-coded Credentials via anyka_ipc 01.07.2026 9.3
CVE-2025-23350 01.07.2026 9
CVE-2025-23351 01.07.2026 9
CVE-2026-24270 01.07.2026 9.8
CVE-2026-57517 Control Web Panel < 0.9.8.1225 Blind SQL Injection via userRes Parameter 02.07.2026 9.3
CVE-2026-58126 PACSgear PACS Scan 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service 01.07.2026 9.3
CVE-2026-58127 PACSgear MediaWriter 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service 01.07.2026 9.3
CVE-2026-23537 Feast: unauthenticated arbitrary file write 02.07.2026 9.1
CVE-2026-13603 SSRF with API key leak in pretix-oppwa 01.07.2026 9
CVE-2026-57692 WordPress PrivateContent plugin <= 9.9.2 - Privilege Escalation vulnerability 01.07.2026 9.8
CVE-2026-14198 @fastify/middie vulnerable to authorization bypass via encoded slash in path parameter values 01.07.2026 9.1
CVE-2026-10539 Unauthenticated command injection in Control-M/Server communication command 01.07.2026 9.5
CVE-2026-11387 SMS Alert <= 3.9.5 - Unauthenticated Privilege Escalation via Arbitrary Password Reset 01.07.2026 9.8
CVE-2026-6070 WP-BusinessDirectory <= 4.0.1 - Unauthenticated Arbitrary File Deletion via Path Traversal via '_filename' Parameter 01.07.2026 9.1
CVE-2026-7839 UltraVNC repeater ships hardcoded default admin password allowing unauthenticated admin access 01.07.2026 9.1
CVE-2026-7840 UltraVNC repeater HTTP server global buffer overflow via long URI (pre-auth RCE) 01.07.2026 9.3
CVE-2026-53488 containerd CRI plugin: — image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pull 03.07.2026 9.4
CVE-2026-50110 Use of Hard-coded Credentials in StoneFly Storage Concentrator 01.07.2026 9.3
CVE-2026-55721 SQL Injection in StoneFly Storage Concentrator 01.07.2026 9.2
CVE-2026-56413 OS Command Injection in StoneFly Storage Concentrator 01.07.2026 10
CVE-2026-56415 OS Command Injection in StoneFly Storage Concentrator 01.07.2026 10
CVE-2026-56264 Crawl4AI - Arbitrary JavaScript Execution via /execute_js Endpoint 01.07.2026 9.2
CVE-2026-56278 Flowise - Session Hijacking via Weak Default Express Session Secret 01.07.2026 9.3
CVE-2026-56700 Grav - Multiple Remote Code Execution Vulnerabilities via Unsafe Unserialize and Command Injection 01.07.2026 9.3
CVE-2026-50003 OFFIS DCMTK Toolkit Path Traversal 01.07.2026 9.3
CVE-2026-58449 txtai - Unauthenticated Remote Code Execution via Unsafe Reflection in API /reindex function Parameter 01.07.2026 9.3
CVE-2026-10109 IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling 01.07.2026 9.8
CVE-2026-10134 Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows 01.07.2026 10
CVE-2026-10140 Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem 02.07.2026 9.6
CVE-2026-11708 IBM WebSphere Application Server is affected by a cross-site scripting vulnerability 01.07.2026 9.3
CVE-2026-11712 IBM WebSphere Application Server is affected by a cross-site scripting vulnerability 01.07.2026 9.3
CVE-2026-7663 Unauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization Bypass 01.07.2026 9.1
CVE-2026-7803 Flow Validation Bypass via Empty Component Type Field 01.07.2026 9.8
CVE-2026-7871 Insecure Deserialization in Redis Cache Backend 01.07.2026 9.8
CVE-2026-7873 Code Injection Vulnerability in Code Validation Endpoint 01.07.2026 9.9
CVE-2026-7874 Weak Cryptographic Key Derivation Exposed All Stored Credentials 02.07.2026 9.1
CVE-2026-58138 Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators 01.07.2026 9.3
CVE-2026-58172 Ocelot - IP Allow/Block List Bypass for WebSocket Upgrade Requests 02.07.2026 9.3
CVE-2026-58370 Woodpecker < 3.15.0 - GitLab Approval Gate Bypass via Spoofable Commit Author Name 02.07.2026 9.2
CVE-2026-48276 ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434) 01.07.2026 10
CVE-2026-48277 ColdFusion | Improper Input Validation (CWE-20) 01.07.2026 10
CVE-2026-48281 ColdFusion | Improper Input Validation (CWE-20) 01.07.2026 10
CVE-2026-48282 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) 01.07.2026 10
CVE-2026-48283 ColdFusion | Unrestricted Upload of File with Dangerous Type (CWE-434) 01.07.2026 10
CVE-2026-48286 Adobe Campaign Classic (ACC) | Incorrect Authorization (CWE-863) 01.07.2026 10
CVE-2026-48313 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) 30.06.2026 9.3
CVE-2026-48315 ColdFusion | Improper Input Validation (CWE-20) 01.07.2026 9.3
CVE-2026-58116 LLaMA-Factory 0.9.5 Remote Code Execution via WebUI Model Path 30.06.2026 9.3
CVE-2026-6556 @fastify/express vulnerable to middleware bypass via non-string mount paths in prefixed plugins 30.06.2026 9.1
CVE-2026-44946 SAML Authentication Replay in Rancher 01.07.2026 9.5
CVE-2026-14162 Advantech|Hospital Quering Management - Missing Authentication 30.06.2026 9.3
CVE-2026-53690 SQL Injection in Redeight CMS 30.06.2026 9.3
CVE-2026-8402 SQLi in Exagate's SYSGUARD 6001 06.07.2026 9.8
CVE-2026-12076 SQL Injection in Raytha CMS 30.06.2026 9.3
CVE-2026-9711 EventON - WordPress Virtual Event Calendar Plugin <= 5.0.11 - Unauthenticated Blind SQL Injection via Search Parameter 30.06.2026 9.8
CVE-2026-12818 DVP-12SE Exposure of Sensitive Information Vulnerability 30.06.2026 9.3
CVE-2026-12819 DVP-12SE Missing Authentication and Unauthorized Write access Vulnerability 30.06.2026 9.3
CVE-2026-12073 ProfileGrid - User Profiles, Groups and Communities <= 5.9.9.5 - Unauthenticated Privilege Escalation via Email Overwrite 30.06.2026 9.8
CVE-2026-57498 Coolify Cross-Team IDOR: Livewire Components Accept Unscoped server_id and destination_uuid — Deploy to Other Teams' Servers 30.06.2026 9.6
CVE-2026-11720 Path Traversal in googleapis/mcp-toolbox HTTP Tool URL Builder 29.06.2026 9.3
CVE-2026-56782 Gorse - Unauthenticated Database Dump and Restore via /api/dump and /api/restore Endpoints 30.06.2026 9.3

Latest Updates

CVE Title Updated Score
CVE-2025-53827 ownCloud Core: Updater has an exposed dangerous method or function 06.07.2026 9.1
CVE-2025-53828 SharePoint for ownCloud 10 is vulnerable to Server-Side Request Forgery (SSRF) 06.07.2026 8.5
CVE-2025-53829 ownCloud 10 is vulnerable to Relative Path Traversal 06.07.2026 8
CVE-2025-53830 Anti-Virus for ownCloud 10 is vulnerable to Server-Side Request Forgery (SSRF) 06.07.2026 9.1
CVE-2026-13122 06.07.2026
CVE-2026-58203 NestedSecretsSettingsSource follows symlinks outside secrets_dir, enabling local file read and bypassing secrets_dir_max_size 06.07.2026 5.3
CVE-2026-59152 Arbitrary server-side file read in LangSmith SDK TracingMiddleware 06.07.2026 5
CVE-2026-59194 pnpm: patch-remove could delete project-selected files outside the patches directory 06.07.2026 7.1
CVE-2026-59195 pnpm: Path traversal in configDependencies env lockfile allows symlink creation outside node_modules/.pnpm-config 06.07.2026 8.2
CVE-2026-59196 pnpm: hoisted install imports lockfile alias outside node_modules 06.07.2026 7.1
CVE-2026-5268 SFTP Server Authentication Weakness 06.07.2026
CVE-2026-13698 06.07.2026
CVE-2026-54893 Email-derived URL path injection in the Swoosh Microsoft Graph adapter 06.07.2026
CVE-2026-58380 Gimp: gimp: stack buffer overflow in pnmscanner_gettoken() 06.07.2026
CVE-2026-7185 Unauthorized access to files in T-Systems products 06.07.2026
CVE-2026-13705 Imager versions before 1.032 for Perl have a heap out-of-bounds read in the bundled Imager::File::SGI reader via a 16-bit RLE literal run in read_rgb_16_rle 06.07.2026
CVE-2026-13708 Imager::File::JPEG versions before 1.003 for Perl leak heap memory when reading a JPEG with repeated APP13 markers in i_readjpeg_wiol 06.07.2026
CVE-2025-15667 GPAC MP4Box avc_ext.c gf_isom_nalu_sample_rewrite double free 06.07.2026
CVE-2025-15668 GPAC MP4Box box_code_base.c sgpd_del_entry heap-based overflow 06.07.2026
CVE-2025-8591 Reflected Cross-Site Scripting via URL Parameter in Multiple WSO2 Products Enables UI Modification 06.07.2026 6.1
CVE-2026-12686 Incorrect authorisation in Adiss’s Biloop 06.07.2026
CVE-2026-44936 Rancher Fleet SSRF in Bundle Reader via Unvalidated Helm Repository URL in fleet.yaml 06.07.2026 5
CVE-2026-44937 SUSE Rancher Fleet had an Unauthenticated Webhook: Regex Injection via Unsanitized Repository URL Components 06.07.2026
CVE-2026-46587 Apache Camel: Couchbase: Non-Camel-prefixed Exchange headers bypass HeaderFilterStrategy allowing operation override from untrusted input 06.07.2026
CVE-2026-46588 Apache Camel: CouchDB: Non-Camel-prefixed Exchange headers bypass HeaderFilterStrategy allowing operation override from untrusted input 06.07.2026
CVE-2026-49042 Apache Camel: langchain4j-tools: filter tool argument headers against declared parameters 06.07.2026
CVE-2026-49297 Apache Airflow Google provider: Path traversal via GCS object names → local/SFTP filesystem (GCSToSFTPOperator + GCSTimeSpanFileTransformOperator) 06.07.2026
CVE-2026-4249 Denial of Service via Malicious JSON Payloads in Throttling Events in Multiple WSO2 Products Causing Persistent Service Disruption 06.07.2026 8.6
CVE-2026-56810 mint buffers an entire chunked response chunk in memory in Mint.HTTP1.decode_body/5 06.07.2026
CVE-2026-58226 Unauthenticated denial-of-service via unbounded HPACK integer decoding in hpax 06.07.2026
CVE-2026-6900 Improper Certificate Validation 06.07.2026 7.4
CVE-2026-6901 Untrusted Search Path 06.07.2026 7.7
CVE-2026-14809 PROG MIS|Prog Management System - SQL Injection 06.07.2026
CVE-2026-1433 uniFLOW Universal Login Manager (ULM) Standalone Improper Protection of Sensitive Information Leads to Information Disclosure 06.07.2026
CVE-2026-24012 Apache IoTDB: Denial of Service via Resource Exhaustion in Aggregation Query 06.07.2026
CVE-2026-24013 Apache IoTDB: Authentication Bypass via Forged SessionID in Thrift RPC 06.07.2026
CVE-2026-24014 Apache IoTDB: Path Traversal in DataNode Internal RPC Trigger JAR Upload Allows Arbitrary File Write 06.07.2026
CVE-2026-40047 Apache Camel: Camel-Docling: Insufficient validation of custom CLI arguments enables argument injection and path traversal in DoclingProducer 06.07.2026
CVE-2026-40859 Apache Camel: Camel-Vertx-Http: Unsafe Java deserialization of HTTP response bodies via a raw ObjectInputStream when transferException is enabled 06.07.2026
CVE-2026-42527 Apache Camel: Permissive default ObjectInputFilter pattern admits java.net.** and enables DNS-based information disclosure 06.07.2026
CVE-2026-43865 Apache Camel: Camel-Hazelcast: Unsafe Java deserialization in default-configured managed Hazelcast instances enables remote code execution 06.07.2026
CVE-2026-43866 Apache Camel, Apache Camel: Camel JMS - CVE-2026-40860 fix bypass via DefaultExchangeHolder 06.07.2026
CVE-2026-43867 Apache Camel: Camel-PQC: The AWS Secrets Manager key-lifecycle manager deserializes persisted key metadata with java.io.ObjectInputStream and no ObjectInputFilter 06.07.2026
CVE-2026-44934 Exposed tokens in SUSE Rancher AI Agent logs 06.07.2026
CVE-2026-46453 Apache Camel: Camel-Elasticsearch-Rest-Client: Exchange header constants without the Camel prefix bypass inbound HTTP header filtering, allowing untrusted clients to override the Elasticsearch query and operation 06.07.2026
CVE-2026-46454 Apache Camel: Camel-Cometd: Inbound Bayeux message headers are mapped into the Exchange without a HeaderFilterStrategy, allowing unauthenticated clients to inject Camel control headers 06.07.2026
CVE-2026-46455 Apache Camel: Camel-Keycloak: The access-token validity window is not verified because the IS_ACTIVE check is missing from the TokenVerifier, allowing expired tokens to be accepted 06.07.2026
CVE-2026-46456 Apache Camel: Camel-AWS2-SQS: Inbound message attributes are mapped into the Exchange without an inbound HeaderFilterStrategy, allowing a message sender to inject Camel control headers 06.07.2026
CVE-2026-46457 Apache Camel: Camel-NATS: Inbound NATS message headers are mapped into the Exchange without a configured HeaderFilterStrategy, allowing a client that can publish to the subject to inject Camel control headers 06.07.2026
CVE-2026-46584 Apache Camel Mail: The mail producer applied attacker-supplied message headers as JavaMail session properties, allowing an attacker to influence SMTP parameters 06.07.2026
CVE-2026-46585 Apache Camel Lucene: The query control headers used non-Camel-prefixed names (QUERY, RETURN_LUCENE_DOCS) that bypass the HTTP header filter, allowing an HTTP client to inject the full-text search query 06.07.2026
CVE-2026-46590 Apache Camel: Camel-PQC: The HashiCorp Vault and AWS Secrets Manager key-lifecycle managers deserialize persisted key metadata with java.io.ObjectInputStream and no ObjectInputFilter (incomplete remediation of CVE-2026-40048) 06.07.2026
CVE-2026-46591 Apache Camel: Camel-Neo4j: JSON property names from the CamelNeo4jMatchProperties header are interpolated into the Cypher WHERE clause without validation, allowing Cypher injection (incomplete remediation of CVE-2025-66169) 06.07.2026
CVE-2026-46592 Apache Camel: Camel-CXF: The SOAP operation-selection headers used non-Camel-prefixed names (operationName, operationNamespace) that bypass the HTTP header filter, allowing an HTTP client to redirect the invoked SOAP operation 06.07.2026
CVE-2026-46726 Apache Camel Vertx Websocket: The inbound consumer maps externally-supplied WebSocket query and path parameters into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers 06.07.2026
CVE-2026-48203 Apache Camel: Camel-Solr: The SolrParam. and SolrField. Exchange header prefixes used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to inject Solr query parameters (server-side request forgery) and document fields 06.07.2026
CVE-2026-48204 Apache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to switch the GridFS operation - including destructive file deletion - in the default configuration 06.07.2026
CVE-2026-48205 Apache Camel DNS: The dns.* and term Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to influence internal behaviour 06.07.2026
CVE-2026-48206 Apache Camel JIRA: A set of non-Camel-prefixed Exchange header constants bypass the HTTP header filter, allowing an HTTP client to drive arbitrary JIRA issue operations using the endpoint's configured credentials 06.07.2026
CVE-2026-49086 Apache Camel Dapr: Pub/Sub consumer copied the inbound CloudEvent's pub/sub-name and topic into producer-direction routing headers, allowing an actor who can publish to the subscribed topic to influence internal behaviour 06.07.2026
CVE-2026-49097 Apache Camel: Camel-IRC: The irc.sendTo (and other irc.*) Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to redirect outgoing IRC messages to arbitrary channels or users 06.07.2026
CVE-2026-49098 Apache Camel: Camel-Kafka: The kafka.OVERRIDE_TOPIC (and other kafka.*) Exchange header constants used non-Camel-prefixed names that bypass the upstream HTTP header filter, allowing an HTTP client to redirect Kafka messages to an arbitrary topic 06.07.2026
CVE-2026-49099 Apache Camel Salesforce: Non-Camel-prefixed Exchange header constants bypass the HTTP header filter, allowing an HTTP client to influence internal behaviour 06.07.2026
CVE-2026-49365 Apache Camel: Camel-Netty-HTTP: The muteException consumer option defaulted to false, so a processing error returned the full Java stack trace in the HTTP response body, disclosing sensitive internal information to unauthenticated clients 06.07.2026
CVE-2026-53913 Apache Camel Keycloak: KeycloakSecurityPolicy verifies the bearer access token only inside its role and permission checks, so in the default configuration the token is never verified and any non-null bearer value is accepted 06.07.2026
CVE-2026-55993 Apache Camel Atmosphere Websocket: The inbound consumer maps externally-supplied WebSocket query parameters into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers - enabling influencing internal behaviour 06.07.2026
CVE-2026-55994 Apache Camel Iggy: The inbound consumer maps externally-supplied Iggy message user-headers into the Exchange without a HeaderFilterStrategy, allowing injection of Camel control headers - enabling control over internal behaviour 06.07.2026
CVE-2026-56139 Apache Camel Undertow: The muteException consumer option defaulted to false, so a processing error returned the full Java stack trace in the HTTP response body, disclosing sensitive internal information to unauthenticated clients 06.07.2026
CVE-2026-56140 Apache Camel AWS2 SNS: An inbound Camel-namespace filter was added to Sns2HeaderFilterStrategy to align it with sibling components 06.07.2026
CVE-2026-9165 Stackrox: stackrox: unbounded graphql query depth allows authenticated denial of service 06.07.2026
CVE-2024-6228 WANotifier < 2.6 - Subscriber+ LFI 06.07.2026
CVE-2026-10830 AllCoach < 1.0.2 - Unauthenticated Account Takeover 06.07.2026
CVE-2026-11766 Ultimate Member < 2.12.0 - Subscriber+ Stored XSS via Custom Textarea Profile Fields 06.07.2026
CVE-2026-11855 Simple Membership < 4.7.5 - Unauthenticated Stored XSS via Stripe Webhook API Version 06.07.2026
CVE-2026-11962 FileOrganizer < 1.2.0 - Authenticated Arbitrary File Upload via elFinder File Operations 06.07.2026
CVE-2026-12083 Admin and Site Enhancements < 8.8.4 - Unauthenticated Administrator-Role Restoration via reset-for Parameter 06.07.2026
CVE-2026-14800 imhamzaazam ecommerceFlask cross-site request forgery 06.07.2026
CVE-2026-14801 GPAC TeXML File load_text.c txtin_probe_duration divide by zero 06.07.2026
CVE-2026-14802 react create-react-app react-dev-utils openBrowser.js startBrowserProcess os command injection 06.07.2026
CVE-2026-14807 PROG MIS|ERP App - Use of Hard-coded Credentials 06.07.2026
CVE-2026-14808 PROG MIS|Prog Management System - Exposure of Sensitive Information 06.07.2026
CVE-2026-6382 Multiple elFinder Plugins - Authenticated OS Command Injection 06.07.2026
CVE-2026-14797 CodeAstro Apartment Visitor Management System edit-apartment.php sql injection 06.07.2026
CVE-2026-14798 CodeAstro Apartment Visitor Management System visitor-entry.php sql injection 06.07.2026
CVE-2026-14799 CodeAstro Ecommerce Website my_account.php sql injection 06.07.2026
CVE-2026-14792 Formbricks Survey actions.ts access control 06.07.2026
CVE-2026-14793 Craft CMS reorder-sets Endpoint GlobalsController.php actionReorderSets authorization 06.07.2026
CVE-2026-14794 Craft CMS Charts Endpoint ChartsController.php actionGetNewUsersData improper authorization 06.07.2026
CVE-2026-14795 CodeAstro Apartment Visitor Management System action-visitor.php sql injection 06.07.2026
CVE-2026-14796 CodeAstro Apartment Visitor Management System report.php sql injection 06.07.2026
CVE-2026-14789 radareorg radare2 Memory64ListStream mdmp.c stack-based overflow 06.07.2026
CVE-2026-14790 GPAC Media File write_nhml.c nhmldump_send_frame null pointer dereference 06.07.2026
CVE-2026-14791 crater-invoice-inc crater Invoice Note InvoicesRequest.php getFormattedString cross site scripting 06.07.2026
CVE-2026-14787 radareorg radare2 pb Print cmd_print.inc cmd_print integer overflow 06.07.2026
CVE-2026-14788 radareorg radare2 cfile.c r_core_bin_load use after free 06.07.2026
CVE-2026-14803 Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder 06.07.2026
CVE-2026-14786 radareorg radare2 str.c r_str_word_get0set integer overflow 06.07.2026
CVE-2026-14784 vxcontrol PentAGI Docker API client.go sandbox 06.07.2026
CVE-2026-14778 SourceCodester Onlne Examination & Learning Management System Enrollment Management ajax_enroll.php improper authorization 06.07.2026
CVE-2026-14783 NousResearch hermes-agent skills_tool.py skill_view path traversal 05.07.2026
CVE-2026-14777 SourceCodester Onlne Examination & Learning Management System announcements.php unrestricted upload 06.07.2026
CVE-2026-14775 SourceCodester Onlne Examination & Learning Management System process_lesson.php unrestricted upload 05.07.2026
CVE-2026-14776 SourceCodester Onlne Examination & Learning Management System Filename Extension upload_files.php pathinfo unrestricted upload 05.07.2026
CVE-2026-10656 NULL-pointer dereference DoS in MAX32 USB device controller transfer-completion handlers 05.07.2026 4.6
CVE-2026-10657 Out-of-bounds read in Zephyr DNS resolver mDNS suffix check (memcmp past string NUL) 05.07.2026 3.7
CVE-2026-14773 itsourcecode Hospital Management System payment.php sql injection 06.07.2026
CVE-2026-14774 itsourcecode Hospital Management System paymentdischarge.php sql injection 06.07.2026
CVE-2026-14772 SourceCodester Class and Exam Timetabling System edit_course1.php sql injection 06.07.2026
CVE-2026-14771 SourceCodester Class and Exam Timetabling System edit_exam1.php sql injection 06.07.2026
CVE-2026-59511 WordPress Exclusive Addons Elementor plugin <= 2.7.9.9 - Sensitive Data Exposure vulnerability 06.07.2026 5.3
CVE-2026-59519 WordPress FormLayer plugin <= 1.0.6 - Sensitive Data Exposure vulnerability 05.07.2026 5.3
CVE-2026-59520 WordPress CrawlWP SEO plugin <= 3.0.16 - Cross Site Request Forgery (CSRF) vulnerability 06.07.2026 4.3
CVE-2026-14770 SourceCodester Class and Exam Timetabling System edit_room.php sql injection 05.07.2026
CVE-2026-14769 code-projects Real State Services pay.php sql injection 05.07.2026
CVE-2026-14767 CodeAstro Ecommerce Website POST Parameter confirm.php sql injection 06.07.2026
CVE-2026-14768 code-projects Real State Services builderHome.php sql injection 06.07.2026
CVE-2026-14766 CodeAstro Apartment Visitor Management System POST Parameter search-result.php sql injection 06.07.2026
CVE-2026-59510 Authenticated Path Traversal in AIL Framework PDF Object Handling Enables Potential Arbitrary File Read 06.07.2026