CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2026-53481 07.07.2026 9.8
CVE-2026-53483 07.07.2026 9.8
CVE-2026-14345 WPFunnels <= 3.12.7 - Unauthenticated Remote Code Execution via 'postData' Parameter 07.07.2026 9.8
CVE-2026-34037 Cross-Tenant Resource Cloning via Broken Object-Level Authorization in cloneTo() 07.07.2026 9.9
CVE-2026-34047 Coolify: WebSocket Endpoint Access Control Flaw Leading to Remote Code Execution 07.07.2026 9.9
CVE-2026-34048 Coolify: Missing authorization on terminal websocket bootstrap routes allows low-privileged members to execute commands on team servers 07.07.2026 9.9
CVE-2026-34038 Coolify authenticated remote command injection leading to RCE and secret exfiltration 07.07.2026 9.9
CVE-2026-42341 FOSSBilling has an unauthenticated payment bypass via IPN callback forgery 07.07.2026 9.2
CVE-2026-57571 Crawl4AI arbitrary file write via download filename path traversal 07.07.2026 9.6
CVE-2026-57572 Crawl4AI: Unauthenticated RCE via Chromium launch-argument injection in browser_config.extra_args 06.07.2026 10
CVE-2026-9181 Directory Traversal in ArcGIS Server 06.07.2026 9.8
CVE-2026-48614 06.07.2026 9.9
CVE-2026-40138 Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access 07.07.2026 9.2
CVE-2026-40139 Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access 07.07.2026 9.2
CVE-2026-48316 ColdFusion | Improper Input Validation (CWE-20) 07.07.2026 10
CVE-2025-53827 ownCloud Core: Updater has an exposed dangerous method or function 06.07.2026 9.1
CVE-2025-53830 Anti-Virus for ownCloud 10 is vulnerable to Server-Side Request Forgery (SSRF) 06.07.2026 9.1
CVE-2026-12686 Incorrect authorisation in Adiss’s Biloop 06.07.2026 9.3
CVE-2026-6900 Improper Certificate Validation 06.07.2026 9.1
CVE-2026-14807 PROG MIS|ERP App - Use of Hard-coded Credentials 06.07.2026 9.3
CVE-2026-14808 PROG MIS|Prog Management System - Exposure of Sensitive Information 06.07.2026 9.3
CVE-2026-59509 Unauthenticated arbitrary MongoDB collection read in cve-search 06.07.2026 9.2
CVE-2026-58426 Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write 06.07.2026 9.6
CVE-2026-20896 Gitea Docker image trusts spoofable reverse-proxy headers by default 05.07.2026 9.8
CVE-2026-22874 Gitea webhook and migration allow-list filtering permits SSRF 03.07.2026 9.6
CVE-2026-58289 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability 07.07.2026 9
CVE-2026-4321 SQLi in Raera's Destekz 06.07.2026 9.8
CVE-2026-14544 Hplip: incomplete fix for cve-2026-8631 06.07.2026 9.8
CVE-2026-9725 Printcart Web to Print Product Designer for WooCommerce <= 2.5.2 - Unauthenticated Arbitrary File Deletion 03.07.2026 9.1
CVE-2026-13768 Gardyn IoT Hub Use of Hard-coded Credentials 06.07.2026 9.5
CVE-2026-13368 WatchGuard Firebox Race Condition and Use-After-Free in Mobile VPN with IKEv2 LDAP Authentication 07.07.2026 9.2
CVE-2026-41106 Microsoft 365 Copilot Elevation of Privilege Vulnerability 07.07.2026 9.3
CVE-2026-45499 Azure OpenAI Elevation of Privilege Vulnerability 07.07.2026 9.9
CVE-2026-57100 Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability 07.07.2026 9.9
CVE-2026-52830 fast-mcp-telegram: Bearer token path traversal bypasses reserved Telegram session protection 06.07.2026 9.4
CVE-2026-58466 AutoBangumi < 3.2.8 - Hard-coded Default Credentials via add_default_user() 06.07.2026 9.3
CVE-2026-59099 Apereo CAS 7.3.0 < 8.0.0-RC6 - AES-GCM Nonce Reuse Information Disclosure 06.07.2026 9.3
CVE-2022-50973 Yonyou KSOA 9.0 Unauthenticated File Upload RCE via ImageUpload Servlet 02.07.2026 9.3
CVE-2024-14037 Redsea Cloud eHR Unauthenticated File Upload RCE via PtFjk.mob 02.07.2026 9.3
CVE-2026-44935 Rancher Fleet vulnerable to cross namespace secret disclosure via unvalidated `valuesFrom` references in Helm Deployer 03.07.2026 9.9
CVE-2026-58455 Dockwatch 0.6.567 Unauthenticated OS Command Injection via ajax/compose.php 06.07.2026 9.2
CVE-2026-50746 02.07.2026 10
CVE-2026-50747 02.07.2026 9.9
CVE-2026-50748 02.07.2026 9.9
CVE-2026-54400 02.07.2026 9.1
CVE-2026-54402 02.07.2026 9.9
CVE-2026-55115 02.07.2026 9.9
CVE-2026-55116 02.07.2026 9
CVE-2026-56004 obs-service-tar_scm: command injection via mercurial handler 02.07.2026 10
CVE-2026-4767 Improper Access Control in TR7's WAF-ASP 02.07.2026 9.8
CVE-2026-5524 Divi Form Builder <= 5.1.8 - Unauthenticated Arbitrary File Upload Leading to Remote Code Execution via 'acceptFileTypes' Parameter 02.07.2026 9.8
CVE-2026-27419 WordPress Zegen theme <= 1.1.9 - Arbitrary File Upload vulnerability 02.07.2026 9.9
CVE-2026-27436 WordPress Five Star Business Profile and Schema plugin <= 2.3.19 - Arbitrary Code Execution vulnerability 02.07.2026 9.1
CVE-2026-57621 WordPress Booktics plugin <= 1.0.21 - PHP Object Injection vulnerability 02.07.2026 9.8
CVE-2026-57623 WordPress W3 Total Cache plugin <= 2.9.4 - Arbitrary Code Execution vulnerability 02.07.2026 9
CVE-2026-57624 WordPress Blocksy Companion Pro plugin <= 2.1.46 - Remote Code Execution (RCE) vulnerability 02.07.2026 10
CVE-2026-57625 WordPress Admin and Site Enhancements (ASE) Pro plugin <= 8.8.5 - Cross Site Scripting (XSS) vulnerability 02.07.2026 9.6
CVE-2026-57677 WordPress Novalnet Payment Gateway for WooCommerce plugin <= 12.10.3 - PHP Object Injection vulnerability 02.07.2026 9.8
CVE-2026-57679 WordPress GeekyBot plugin <= 1.2.5 - SQL Injection vulnerability 02.07.2026 9.3
CVE-2026-57683 WordPress WP Fast Total Search plugin <= 1.80.280 - SQL Injection vulnerability 02.07.2026 9.3
CVE-2026-14439 Path Traversal in Altium Git Service Allows Remote Code Execution 02.07.2026 9.4
CVE-2026-58457 Shenzhen Aitemi M300 MT02 Unauthenticated OS Command Injection via protocol.csp 06.07.2026 9.3
CVE-2026-50160 Mass Assignment via Onboarding Endpoint Allows Unauthenticated JWT_SECRET Overwrite 02.07.2026 10
CVE-2026-34108 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in text.php 02.07.2026 9.3
CVE-2026-34109 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speech.php 01.07.2026 9.3
CVE-2026-34110 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in complex_start.php 01.07.2026 9.3
CVE-2026-34111 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac_text.php 01.07.2026 9.3
CVE-2026-34112 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac.php 01.07.2026 9.3
CVE-2026-34113 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speech_text.php 01.07.2026 9.3
CVE-2026-34114 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in translate_text.php 02.07.2026 9.3
CVE-2026-34115 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe_amazon.php 01.07.2026 9.3
CVE-2026-34116 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in transcribe.php 01.07.2026 9.3
CVE-2026-34117 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in text_to_subtitles.php 01.07.2026 9.3
CVE-2026-34099 Guardian Language-System Unauthenticated SQL Injection via id Parameter in job_info.php 02.07.2026 9.3
CVE-2026-34100 Guardian Language-System Unauthenticated SQL Injection via id Parameter in media.php 01.07.2026 9.3
CVE-2026-34101 Guardian Language-System Unauthenticated SQL Injection via id Parameter in text_file.php 01.07.2026 9.3
CVE-2026-34102 Guardian Language-System Unauthenticated SQL Injection via id Parameter in job_info_get.php 01.07.2026 9.3
CVE-2026-34103 Guardian Language-System Unauthenticated SQL Injection via id Parameter in subtitles.php 01.07.2026 9.3
CVE-2026-34104 Guardian Language-System Unauthenticated SQL Injection via name Parameter in designer.php 01.07.2026 9.3
CVE-2026-34105 Guardian Language-System Unauthenticated SQL Injection via id Parameter in translate_text.php 02.07.2026 9.3
CVE-2026-34106 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in subtitles.php 01.07.2026 9.3
CVE-2026-34107 Guardian Language-System Unauthenticated OS Command Injection via id Parameter in translate.php 01.07.2026 9.3
CVE-2026-58453 JAIOTlink C492A-W6 4.8.30.57701411 Hard-coded Credentials via anyka_ipc 01.07.2026 9.3
CVE-2025-23350 01.07.2026 9
CVE-2025-23351 01.07.2026 9
CVE-2026-24270 01.07.2026 9.8
CVE-2026-57517 Control Web Panel < 0.9.8.1225 Blind SQL Injection via userRes Parameter 02.07.2026 9.3
CVE-2026-58126 PACSgear PACS Scan 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service 01.07.2026 9.3
CVE-2026-58127 PACSgear MediaWriter 5.2.1 Unauthenticated RCE via .NET Remoting TCP Service 01.07.2026 9.3
CVE-2026-23537 Feast: unauthenticated arbitrary file write 02.07.2026 9.1
CVE-2026-13603 SSRF with API key leak in pretix-oppwa 01.07.2026 9
CVE-2026-57692 WordPress PrivateContent plugin <= 9.9.2 - Privilege Escalation vulnerability 01.07.2026 9.8
CVE-2026-14198 @fastify/middie vulnerable to authorization bypass via encoded slash in path parameter values 01.07.2026 9.1
CVE-2026-10539 Unauthenticated command injection in Control-M/Server communication command 01.07.2026 9.5
CVE-2026-11387 SMS Alert <= 3.9.5 - Unauthenticated Privilege Escalation via Arbitrary Password Reset 01.07.2026 9.8
CVE-2026-6070 WP-BusinessDirectory <= 4.0.1 - Unauthenticated Arbitrary File Deletion via Path Traversal via '_filename' Parameter 01.07.2026 9.1
CVE-2026-7839 UltraVNC repeater ships hardcoded default admin password allowing unauthenticated admin access 01.07.2026 9.1
CVE-2026-7840 UltraVNC repeater HTTP server global buffer overflow via long URI (pre-auth RCE) 01.07.2026 9.3
CVE-2026-53488 containerd CRI plugin: — image-config `LABEL` flows to restart-monitor `binary://` logger: host-root command execution from an image pull 03.07.2026 9.4
CVE-2026-50110 Use of Hard-coded Credentials in StoneFly Storage Concentrator 01.07.2026 9.3
CVE-2026-55721 SQL Injection in StoneFly Storage Concentrator 01.07.2026 9.2
CVE-2026-56413 OS Command Injection in StoneFly Storage Concentrator 01.07.2026 10
CVE-2026-56415 OS Command Injection in StoneFly Storage Concentrator 01.07.2026 10
CVE-2026-56264 Crawl4AI - Arbitrary JavaScript Execution via /execute_js Endpoint 01.07.2026 9.2
CVE-2026-56278 Flowise - Session Hijacking via Weak Default Express Session Secret 01.07.2026 9.3
CVE-2026-56700 Grav - Multiple Remote Code Execution Vulnerabilities via Unsafe Unserialize and Command Injection 01.07.2026 9.3
CVE-2026-50003 OFFIS DCMTK Toolkit Path Traversal 01.07.2026 9.3
CVE-2026-58449 txtai - Unauthenticated Remote Code Execution via Unsafe Reflection in API /reindex function Parameter 01.07.2026 9.3
CVE-2026-10109 IBM® Db2® is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling 01.07.2026 9.8
CVE-2026-10134 Unauthenticated Server-Side RCE via PythonCodeStructuredTool in Public Flows 01.07.2026 10
CVE-2026-10140 Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem 02.07.2026 9.6
CVE-2026-11708 IBM WebSphere Application Server is affected by a cross-site scripting vulnerability 01.07.2026 9.3
CVE-2026-11712 IBM WebSphere Application Server is affected by a cross-site scripting vulnerability 01.07.2026 9.3
CVE-2026-7663 Unauthenticated Cross-User MCP Resource Access and Tool Execution via Streamable Transport Authorization Bypass 01.07.2026 9.1
CVE-2026-7803 Flow Validation Bypass via Empty Component Type Field 01.07.2026 9.8
CVE-2026-7871 Insecure Deserialization in Redis Cache Backend 01.07.2026 9.8
CVE-2026-7873 Code Injection Vulnerability in Code Validation Endpoint 01.07.2026 9.9
CVE-2026-7874 Weak Cryptographic Key Derivation Exposed All Stored Credentials 02.07.2026 9.1
CVE-2026-58138 Orkes Conductor 3.21.21 < 3.30.2 Unauthenticated RCE via GraalVM Script Evaluators 01.07.2026 9.3

Latest Updates

CVE Title Updated Score
CVE-2026-14935 Gstreamer: gstreamer: webrtcbin accepts remote sdp without a=fingerprint due to inverted presence check 07.07.2026
CVE-2026-14969 389-ds-base: 389-ds-base: static initialization vector in aes-cbc/3des-cbc attribute encryption 07.07.2026
CVE-2026-56811 Phoenix transports do not limit channel joins per connection, enabling process-exhaustion denial of service 07.07.2026
CVE-2026-56812 Phoenix JavaScript presence client crashes on presence keys colliding with Object.prototype members in Presence.syncState/syncDiff 07.07.2026
CVE-2026-12352 Incorrect Authorization 07.07.2026 5.9
CVE-2026-12948 Stored Cross-Site Scripting (XSS) 07.07.2026
CVE-2026-14940 389-ds-base: 389-ds-base: heap-buffer-overflow in dn normalization via quoted multivalued rdn 07.07.2026
CVE-2026-48588 Potential exposure of private data via cached Set-Cookie response 07.07.2026
CVE-2026-53877 Heap buffer over-read in GDALRaster 07.07.2026
CVE-2026-53878 Header injection possibility since DomainNameValidator accepted newlines in input 07.07.2026
CVE-2026-59709 Ghostfolio - Unauthorized Portfolio Holding Tag Modification via Missing Permission Check 07.07.2026
CVE-2026-44938 Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent 07.07.2026 8.8
CVE-2026-53479 07.07.2026 7.2
CVE-2026-6101 AMP for WP <= 1.1.12 - Authenticated (Author+) Arbitrary File Write via Role-Based Access Configuration with Local Font Upload 07.07.2026 7.5
CVE-2026-10659 NULL pointer dereference in Zephyr Dhara FTL disk driver on flash read error during journal resume 07.07.2026 4.7
CVE-2026-53481 07.07.2026 9.8
CVE-2026-53483 07.07.2026 9.8
CVE-2011-10043 Module::Load versions before 0.22 for Perl allow arbitrary modules outside of @INC to be loaded 07.07.2026
CVE-2026-11348 Authentication Bypass in HAVELSAN's Open Source Project Liman MYS 07.07.2026 8.1
CVE-2026-13696 LDAP Injection in HAVELSAN's Liman MYS 07.07.2026 8.8
CVE-2026-11340 Authorization Bypass in HAVELSAN's Open Source Project Liman MYS 07.07.2026 8.3
CVE-2026-11610 389-ds-base: 389-ds-base: heap buffer overflow in sasl_io_recv() via padded sasl unbind 07.07.2026
CVE-2026-14474 Sssd: sssd: sudo ldap provider searches entire directory tree for sudorole objects by default, enabling privilege escalation 07.07.2026
CVE-2026-14476 Sssd: sssd: gpo cache path traversal via unsanitized gpcfilesyspath allows kerberos authentication bypass 07.07.2026
CVE-2026-14867 Insecure password storage in User directory 07.07.2026
CVE-2026-14868 Weak encryption mechanism for User directory 07.07.2026
CVE-2026-33264 Apache Airflow: DAG author RCE on webserver via unrestricted import_string() in BaseSerialization.deserialize() 07.07.2026
CVE-2026-48828 Apache Airflow: Bulk JSON Variables bypass should_hide_value_for_key - redact() called without the key 07.07.2026
CVE-2026-48891 Apache Airflow: /ui/dependencies scheduling graph leaks unreadable Dag identifiers via trigger/sensor dep.source/dep.target 07.07.2026
CVE-2026-48892 Apache Airflow: Config API leaks per-key secrets backend kwargs - masker bypass on synthetic options 07.07.2026
CVE-2026-49296 Apache Airflow: Per-DAG read bypass discloses co-located DAGs' source via GET /api/v2/dagSources/{dag_id} 07.07.2026
CVE-2026-49487 Apache Airflow: Task-instance API exposes secrets in deferred trigger kwargs 07.07.2026
CVE-2026-13199 Insufficient Entropy in Raspberry Pi 5 and Compute Module 5 07.07.2026
CVE-2026-58384 Gimp: gimp: integer overflow in read_rle_channel() 07.07.2026
CVE-2026-5730 IDOR in Idvlabs' Ontime 07.07.2026 7.5
CVE-2026-5799 IDOR in Idvlabs' Ontime 07.07.2026 7.5
CVE-2026-7380 HTML Injection in Armiya Technologies' Access Control System 07.07.2026 6.1
CVE-2026-8306 Stored XSS in Armiya Technologies' Access Control System 07.07.2026 6.1
CVE-2026-8309 Reflected XSS in Armiya Technologies' Access Control System 07.07.2026 5.4
CVE-2026-8377 Improper Authorization in Armiya Technologies' Access Control System 07.07.2026 8.2
CVE-2026-10834 WP Travel Engine < 6.8.1 - Subscriber+ Arbitrary Media File Move via user_profile_image 07.07.2026
CVE-2026-12277 Frontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File Deletion via Saved File Metadata Path Traversal 07.07.2026
CVE-2026-12375 Uncanny Automator Pro 7.3.0.5 - Backdoor via Compromised Vendor Update Server 07.07.2026
CVE-2026-14345 WPFunnels <= 3.12.7 - Unauthenticated Remote Code Execution via 'postData' Parameter 07.07.2026 9.8
CVE-2026-4375 DoLeads Integrator <= 1.2.2 & wp2epub <= 0.65 - Unauthenticated RCE 07.07.2026
CVE-2026-57867 07.07.2026
CVE-2026-57868 07.07.2026
CVE-2026-57869 07.07.2026
CVE-2026-57870 07.07.2026
CVE-2026-57871 07.07.2026
CVE-2026-58315 07.07.2026
CVE-2026-26053 07.07.2026 5.3
CVE-2026-27790 07.07.2026 2.7
CVE-2026-27844 07.07.2026 2.7
CVE-2026-34158 Coolify: Command injection via single-quote breakout in Docker Compose custom commands 07.07.2026 8.8
CVE-2026-42201 Coolify: OS Command Injection via Database Credential Fields in Docker Compose Service Commands 07.07.2026 3.3
CVE-2026-34034 Coolify: Host RCE via Sentinel token injection 07.07.2026 8.8
CVE-2026-34035 Coolify: Host RCE via Log Drain secret/env command injection 07.07.2026 8.8
CVE-2026-34037 Cross-Tenant Resource Cloning via Broken Object-Level Authorization in cloneTo() 07.07.2026 9.9
CVE-2026-34044 Coolify: Cross-team IDOR in logs component (resource lookup not team-scoped) 07.07.2026 7.7
CVE-2026-34047 Coolify: WebSocket Endpoint Access Control Flaw Leading to Remote Code Execution 07.07.2026 9.9
CVE-2026-34048 Coolify: Missing authorization on terminal websocket bootstrap routes allows low-privileged members to execute commands on team servers 07.07.2026 9.9
CVE-2026-34057 Coolify: Authenticated Remote Code Execution via Command Injection in Database Import Container Name 07.07.2026 8.8
CVE-2026-34058 Coolify: OS Command Injection via Unmanaged Container Operations - Remote Code Execution 07.07.2026 8.8
CVE-2026-34149 Coolify: Authenticated Host-Level RCE via Unescaped Database Credentials in Backup Jobs 07.07.2026 3.3
CVE-2026-34152 Coolify: Command Injection via Newline in Pre/Post Deployment Commands (Heredoc Transport) 07.07.2026 8.8
CVE-2026-34168 Coolify: Command injection via unsanitized persistent storage name in docker volume commands 07.07.2026 8.8
CVE-2026-34170 Coolify: Server-Side Request Forgery via attacker-controlled GitHub App API URL 07.07.2026 4.3
CVE-2026-34171 Coolify: Account takeover via CSRF-able GET endpoint that resets password to attacker-known value 07.07.2026 8
CVE-2026-34198 Coolify: Password reset link poisoning via X-Forwarded-Host header spoofing 07.07.2026 5.3
CVE-2026-42143 Coolify: OS Command Injection via Persistent Volume Names - Root RCE on Managed Servers 07.07.2026 8.8
CVE-2026-42145 Coolify: File Upload Without Type or Size Validation in Database Backup Restore 07.07.2026 3.1
CVE-2026-42147 Coolify: SSRF via S3 Storage Endpoint in testConnection() 07.07.2026 4.9
CVE-2026-42172 Coolify: Sanctum API Tokens Have No Expiration — Leaked Tokens Grant Permanent Access 07.07.2026 3.1
CVE-2026-42200 Coolify: PostgreSQL Init Script Path Traversal Leads to Arbitrary File Write and Root RCE 07.07.2026 8.8
CVE-2026-11328 Exclusive Addons for Elementor <= 2.7.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title 07.07.2026 6.4
CVE-2024-56141 Minosoft has IV equal to key 06.07.2026 5
CVE-2026-13356 Interrupted navigation could allow address bar origin spoofing in Firefox for iOS 07.07.2026
CVE-2026-53647 FOSSBilling vulnerable to unauthenticated API key configuration disclosure via guest Serviceapikey get_info endpoint 07.07.2026
CVE-2026-53648 FOSSBilling: Downloadable product files can be overwritten through filename collisions 07.07.2026
CVE-2026-53642 FOSSBilling: Unverified clients can access client-area pages when email confirmation is required 07.07.2026
CVE-2026-53643 FOSSBilling allows low-privileged staff accounts to perform unauthorized actions via admin API endpoints 07.07.2026
CVE-2026-53644 FOSSBilling's missing order-state validation allows clients to read and reset API key secrets for non-active orders 07.07.2026
CVE-2026-53645 FOSSBilling's missing self-edit prevention in staff permission management allows persistent privilege escalation 07.07.2026
CVE-2026-53646 FOSSBilling: Client password reset token reuse allows persistent account takeover 07.07.2026
CVE-2026-53640 FOSSBilling missing authorization checks on read-only admin API endpoints expose sensitive staff, client, and redirect data 07.07.2026
CVE-2026-53641 FOSSBilling has stored XSS in client email views via unescaped content in JavaScript template literal 06.07.2026
CVE-2026-43925 FOSSBilling: Mass assignment of group_id in guest client registration allows unauthorized promo code use 07.07.2026
CVE-2026-43927 FOSSBilling has race condition in cart checkout that bypasses promo code usage limits 07.07.2026
CVE-2026-43928 FOSSBilling: Payment amount not validated in PayPalEmail adapter allows invoice underpayment 07.07.2026
CVE-2026-32718 Coolify read-scoped API tokens can perform state-changing validation operations 07.07.2026 6.5
CVE-2026-34049 Coolify: Command Injection via unsanitized MongoDB collection names in database backup 07.07.2026 3.3
CVE-2026-34050 Coolify Settings/Updates Livewire component missing instance administrator authorization 07.07.2026 6.5
CVE-2026-34153 Coolify LocalFileVolume fs_path command injection enables RCE 07.07.2026 8.8
CVE-2026-34167 Coolify: Cross-tenant activity log disclosure via unlocked Livewire property in ActivityMonitor 06.07.2026 5
CVE-2026-34599 Coolify: Authenticated Remote Code Execution in GetLogs Livewire Component 07.07.2026 8.8
CVE-2026-38973 06.07.2026
CVE-2026-38976 06.07.2026
CVE-2026-38979 06.07.2026
CVE-2026-41899 Coolify unauthenticated feedback endpoint allows Discord webhook abuse 07.07.2026 6.5
CVE-2026-42148 Coolify: Command Injection via Unescaped Version String in Docker Build 07.07.2026 3.8
CVE-2026-42153 Coolify: PostgreSQL Healthcheck Command Injection Allows Root Code Execution in Container 07.07.2026 8.8
CVE-2026-42204 Coolify: Authenticated RCE via SHELL_SAFE_COMMAND_PATTERN regression → host root 07.07.2026 8.8
CVE-2026-43918 Suspended or inactive FOSSBilling accounts can retain or regain access through existing sessions, API tokens, and password reset flows 06.07.2026
CVE-2026-43921 FOSSBilling vulnerable to arbitrary PHP code injection via unescaped config serialization 07.07.2026
CVE-2026-59710 showdown - Stored XSS via Unescaped Table Header ID Attribute Injection 07.07.2026
CVE-2026-14468 Path traversal allows arbitrary file read in Terraform Enterprise container 07.07.2026 7.7
CVE-2026-14471 Authenticated SQL injection in the metrics-service retention policy subsystem of mcp-gateway-registry 07.07.2026 8.1
CVE-2026-33734 FOSSBilling has improper SQL neutralization in `Massmailer` recipient filters 07.07.2026
CVE-2026-34038 Coolify authenticated remote command injection leading to RCE and secret exfiltration 07.07.2026 9.9
CVE-2026-42331 FOSSBilling missing authorization in guest Invoice API endpoints 07.07.2026
CVE-2026-42341 FOSSBilling has an unauthenticated payment bypass via IPN callback forgery 07.07.2026
CVE-2026-54709 06.07.2026
CVE-2026-54763 Traefik: headerField underscore-variant identity spoofing in BasicAuth / DigestAuth / ForwardAuth 07.07.2026
CVE-2026-54765 Traefik: Gateway HTTPRoute backendRef filters can leak backend context across routes sharing a Service:port 07.07.2026
CVE-2026-59711 showdown - Cross-Site Scripting via Unescaped Metadata Title in completeHTMLDocument 07.07.2026
CVE-2026-59712 Leantime - Credential Disclosure via Unauthenticated JSON-RPC users.getUser Method 07.07.2026
CVE-2026-59713 Leantime - OIDC Login CSRF via Unconditional State Verification Stub 07.07.2026
CVE-2025-59615 Use After Free in Computer Vision 07.07.2026 6.6
CVE-2025-59616 Use After Free in Computer Vision 07.07.2026 6.6
CVE-2025-59617 Use After Free in Computer Vision 07.07.2026 6.6
CVE-2026-21368 Out-of-bounds Write in Camera Driver 07.07.2026 5.3
CVE-2026-21369 Out-of-bounds Write in Camera Driver 07.07.2026 5.3
CVE-2026-21370 Out-of-bounds Write in Camera Driver 07.07.2026 5.3
CVE-2026-21379 Buffer Over-read in Windows Compute 07.07.2026 7.8
CVE-2026-21383 Reusing a Nonce, Key Pair in Encryption in HLOS 06.07.2026 7.1
CVE-2026-21384 Out-of-bounds Write in Camera Driver 07.07.2026 5.3
CVE-2026-25268 Stack-based Buffer Overflow in WLAN Host 07.07.2026 8.8
CVE-2026-25271 Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service 07.07.2026 7.8
CVE-2026-48267 DNG SDK | NULL Pointer Dereference (CWE-476) 07.07.2026 5.5
CVE-2026-50135 Hugo: Symlink confinement bypass in resources.Get 06.07.2026
CVE-2026-54234 vLLM: Remote DoS in vLLM via Invalid Recovered Token Reinjection 07.07.2026 7.5
CVE-2026-54764 ForwardAuth middleware leaks X-Forwarded-Port spoofing via untrusted X-Forwarded-Proto when trustForwardHeader=false 07.07.2026
CVE-2026-55514 vLLM denial of service via prompt embeds on M-RoPE models 06.07.2026
CVE-2026-55574 vLLM: ReDoS via structured_outputs.regex compiled without timeout in xgrammar and outlines backends 06.07.2026
CVE-2026-55727 06.07.2026 7.5
CVE-2026-57571 Crawl4AI arbitrary file write via download filename path traversal 07.07.2026 9.6
CVE-2026-57572 Crawl4AI: Unauthenticated RCE via Chromium launch-argument injection in browser_config.extra_args 06.07.2026 10
CVE-2026-57573 Crawl4AI unauthenticated SSRF in Docker streaming crawl endpoint 07.07.2026 8.6
CVE-2026-11405 Hidden backdoor authentication mechanism in multiple versions of Tenda firmware allows admin access to web management interface 06.07.2026
CVE-2026-14536 06.07.2026
CVE-2026-14898 07.07.2026
CVE-2026-41514 OP-TEE: RSA-OAEP padding oracle in Hisilicon HPRE driver enables plaintext recovery 06.07.2026 2.5
CVE-2026-41515 OP-TEE: RSA-OAEP padding oracle in NXP CAAM driver enables plaintext recovery 07.07.2026 2.5
CVE-2026-41516 OP-TEE: Hisilicon HPRE PKCS#1 v1.5 Decryption Padding Oracle 06.07.2026 2.5
CVE-2026-42546 OP-TEE has missing OPTEE_MSG_ATTR_TYPE_MASK in cleanup_shm_refs() leaks mobj references 06.07.2026 3.8
CVE-2026-44362 OP-TEE's subkey rollback protection can be bypassed with older subkey versions 06.07.2026 5.5
CVE-2026-50133 Hugo: XSS via text/html content files 07.07.2026
CVE-2026-50134 Hugo: security.http.urls allow-list bypass via HTTP redirects 06.07.2026
CVE-2026-53763 OP-TEE has AES-GCM 32-bit integer overflow in length counters that breaks authentication guarantee 07.07.2026
CVE-2026-55646 vLLM speech-to-text endpoints allocate full upload before enforcing the audio file-size limit 06.07.2026 6.5
CVE-2026-58402 Hugo default code block renderer XSS via unescaped code-fence language 06.07.2026
CVE-2026-58403 Hugo symlink confinement bypass in os.ReadFile 06.07.2026
CVE-2026-58404 Hugo security.http.urls deny rules bypassed by alternate IPv4 encodings 07.07.2026
CVE-2026-59089 Gimp: gimp: denial of service via integer overflow in playstation tim loader 06.07.2026
CVE-2026-54059 Pillow: PcfFontFile._load_bitmaps()`: `Image.frombytes()` called without `_decompression_bomb_check()` — bomb protection bypass via PCF font loading 06.07.2026 7.5
CVE-2026-54060 Pillow: `FontFile.compile()`: `Image.new()` called without `_decompression_bomb_check()` 07.07.2026 7.5
CVE-2026-54291 Silent channel-binding authentication downgrade via unsupported certificate algorithms 06.07.2026
CVE-2026-55379 Pillow BdfFontFile`: `Image.new()` called without `_decompression_bomb_check()` — bomb protection bypass via font loading 06.07.2026 7.5
CVE-2026-55380 Pillow GdImageFile decompression bomb protection bypass 06.07.2026 7.5
CVE-2026-55798 Pillow: WindowsViewer.get_command() OS command injection via unescaped shell path 07.07.2026 4.5
CVE-2026-9181 Directory Traversal in ArcGIS Server 06.07.2026 9.8
CVE-2026-9182 Unvalidated File Upload vulnerability in ArcGIS Server. 06.07.2026 5.3
CVE-2026-13753 CVE-2026-13753 06.07.2026
CVE-2026-12154 Reviews Widgets for Google, Yelp & TripAdvisor <= 2.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'page_id' Shortcode Attribute 07.07.2026 6.4
CVE-2026-41434 OP-TEE has unbounded recursion in sanitize_client_object() 07.07.2026 3.3