CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2026-45695 Kopia: Unauthenticated RCE via SSH ProxyCommand Injection when --insecure --without-password is used 16.07.2026 9.8
CVE-2026-54733 moodle-local_o365: Authentication bypass via unverified JWT signature in Teams SSO endpoint 16.07.2026 9.3
CVE-2026-59864 Kiota: Path/URL injection into generated Copilot plugin manifest via x-ai-* extensions 16.07.2026 9.3
CVE-2026-59865 Kiota: Command injection via x-ms-kiota-info dependencyInstallCommand surfaced by `kiota info` 16.07.2026 9.3
CVE-2026-59866 Kiota: Arbitrary file write + code-injection via x-ms-kiota-info clientClassName and clientNamespaceName 16.07.2026 9.3
CVE-2026-11386 ubuntu-pro-client Input Validation Vulnerability Leading to Arbitrary APT Directive Injection and Remote Code Execution 16.07.2026 9
CVE-2026-63304 AVideo through 29.0 OS Command Injection via listFFmpegProcesses 16.07.2026 9.2
CVE-2026-63305 AVideo through 29.0 OS Command Injection via ffmpeg.json.php 16.07.2026 9.2
CVE-2026-63306 stoatchat before 0.13.5 Unauthenticated SSRF via proxy and embed endpoints 16.07.2026 9.2
CVE-2023-49899 Origin Validation Error in X-Rite MA-T6 16.07.2026 9.8
CVE-2023-49900 Origin Validation Error in X-Rite MA-T6 16.07.2026 9.8
CVE-2026-22752 Spring Security Authorization Server Dynamic Client Registration endpoints perform insufficient validation of client metadata 16.07.2026 9.6
CVE-2026-15925 Improper TLS Hostname Verification in Snowflake Connector for Python 16.07.2026 9.2
CVE-2026-15013 SAML Single Sign On <= 5.4.3 - Unauthenticated Authentication Bypass via 'SAMLResponse' Parameter Signature Algorithm Confusion 16.07.2026 9.8
CVE-2026-54458 AVideo: Unauthenticated Stored DOM Cross-Site Scripting via Per-Client Metadata Broadcast in YPTSocket Plugin 16.07.2026 9.6
CVE-2026-55445 Qinglong: Incomplete fix for CVE-2026-3965: Improper Authentication 15.07.2026 9.3
CVE-2026-52891 Wekan: Shell Injection via Avatar Upload 15.07.2026 9.9
CVE-2026-52893 Wekan: OIDC Account Takeover via Unconditional Email-Based Account Merge in onCreateUser hook 15.07.2026 9.2
CVE-2026-55652 Wekan: Header-login IP allowlist bypass via X-Forwarded-For spoofing in Wekan allows unauthenticated full account takeover (incl. admin) 15.07.2026 9.8
CVE-2026-46339 9Router: Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes 16.07.2026 10
CVE-2026-49352 9Router: Hardcoded Default fallback JWT Secret Allows Authentication Bypass 15.07.2026 9.8
CVE-2026-54052 n8n-MCP: Cross-tenant access to workflow version backups in multi-tenant HTTP deployments 15.07.2026 9.9
CVE-2026-52887 NocoBase: SQL injection in /api/myInAppChannels:list filter to PG-superuser RCE 15.07.2026 10
CVE-2026-45534 DataEase: RCE Vulnerability 16.07.2026 9
CVE-2026-46684 DataEase: Unauthorized Command Execution Vulnerability 15.07.2026 9.5
CVE-2026-49445 Cilium: Sensitive information disclosure and cluster disruption via local Envoy admin socket access 16.07.2026 9.2
CVE-2026-46421 Supply chain compromise via malicious package versions (@cap-js/sqlite, @cap-js/postgres, @cap-js/db-service) 15.07.2026 9.3
CVE-2026-62948 OpenWrt odhcpd/LuCI: unauthenticated DHCPv6 client can inject lease-file lines via FQDN hostname → stored XSS in the LuCI admin UI 15.07.2026 9.6
CVE-2026-50562 FastGPT: Untrusted PR artifacts are pushed and deployed by privileged preview workflows 15.07.2026 9.3
CVE-2026-53512 Better Auth: OAuth refresh-token replay via missing client authentication on oidc-provider and mcp plugins 15.07.2026 9.1
CVE-2026-53513 Better Auth: Server-side request forgery via unvalidated OIDC endpoints on @better-auth/sso provider registration 15.07.2026 9.6
CVE-2026-62378 RustFS Console: Critical Stored XSS in Preview Modal leading to Administrative Account Takeover 15.07.2026 9
CVE-2026-52842 Lightpanda:URL parser misidentifies page origin for URLs containing @ in the path - Same-Origin Policy bypass 15.07.2026 9.3
CVE-2026-52843 Lightpanda: fetch() and XMLHttpRequest attach session cookies to cross-origin requests regardless of credentials mode 15.07.2026 9.3
CVE-2026-44986 Penpot: Pre-authenticated account takeover via team-invitation token + prepare-register-profile 15.07.2026 9.9
CVE-2026-50148 Metabase: Remote Code Execution via Snowflake JDBC Driver Arbitrary File Write 15.07.2026 10
CVE-2026-42533 NGINX Map directive and Regex matching vulnerability 16.07.2026 9.2
CVE-2026-61736 LightRAG: CORS Wildcard + Credentials Enables Any-Origin Credentialed Requests 15.07.2026 9.3
CVE-2026-61740 LightRAG: Authentication bypass: hardcoded DEFAULT_TOKEN_SECRET and public /auth-status defeat LIGHTRAG_API_KEY protection 15.07.2026 9.3
CVE-2026-56400 open-webui - Remote Code Execution via CORS Misconfiguration and Session Validation 15.07.2026 9
CVE-2026-56699 Wazuh Manager - NDJSON Injection in inventory_sync via Agent-Controlled DataValue.index 15.07.2026 10
CVE-2026-61451 Grav before 1.0.4 Password Reset Token Poisoning via admin_base_url 15.07.2026 9.4
CVE-2026-13385 16.07.2026 9.5
CVE-2026-45363 `jwt` (Ruby gem) - empty-key HMAC bypass 15.07.2026 9.1
CVE-2026-48334 Illustrator | Improper Input Validation (CWE-20) 15.07.2026 9.3
CVE-2026-48284 ColdFusion | Improper Input Validation (CWE-20) 15.07.2026 9.6
CVE-2026-48318 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) 15.07.2026 9.9
CVE-2026-48319 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) 15.07.2026 9.1
CVE-2026-48321 ColdFusion | Incorrect Authorization (CWE-863) 16.07.2026 9.3
CVE-2026-48322 ColdFusion | Improper Control of Generation of Code ('Code Injection') (CWE-94) 15.07.2026 9.6
CVE-2026-48324 ColdFusion | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89) 15.07.2026 9.1
CVE-2026-48325 ColdFusion | Missing Authentication for Critical Function (CWE-306) 15.07.2026 9.3
CVE-2026-48327 ColdFusion | Incorrect Authorization (CWE-863) 15.07.2026 9
CVE-2026-15643 AWS HealthLake MCP Server SSRF via Pagination URL 15.07.2026 9.2
CVE-2026-53486 decompress: Archive extraction can create files and links outside the target directory 15.07.2026 9.1
CVE-2026-13001 Podlove Podcast Publisher <= 4.5.1 - Unauthenticated Arbitrary File Upload via podlove_image_cache_url Parameter 14.07.2026 9.8
CVE-2026-47428 Vitest browser mode serves unsanitized otelCarrier query parameter as inline script 15.07.2026 9.6
CVE-2026-48356 Adobe Commerce | Unrestricted Upload of File with Dangerous Type (CWE-434) 15.07.2026 9.6
CVE-2026-48358 Adobe Commerce | Improper Encoding or Escaping of Output (CWE-116) 15.07.2026 9.1
CVE-2026-53633 Vitest: Exposed Browser Mode API Can Proxy CDP and Overwrite Config Files, Leading to RCE 16.07.2026 9.8
CVE-2026-47429 Vitest: Arbitrary file can be read and executed when Vitest UI server is listening 14.07.2026 9.8
CVE-2026-48259 Adobe Experience Manager | Server-Side Request Forgery (SSRF) (CWE-918) 15.07.2026 9.6
CVE-2026-48359 Adobe Experience Manager | Improper Restriction of XML External Entity Reference ('XXE') (CWE-611) 15.07.2026 9.6
CVE-2026-45063 Symfony: Identity Spoofing via Unanchored DN Regex in X509Authenticator 14.07.2026 9.1
CVE-2026-50380 Windows GDI+ Remote Code Execution Vulnerability 15.07.2026 9.6
CVE-2026-50447 Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-50518 Windows DHCP Server Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-55010 Minecraft Bedrock Dedicated Server Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-55040 Microsoft SharePoint Server Security Feature Bypass Vulnerability 15.07.2026 9.1
CVE-2026-55944 Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-56159 DHCP Server Service Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-56188 Windows Server Network driver Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-56190 Remote Desktop Protocol Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-57092 Microsoft Windows VMSwitch Elevation of Privilege Vulnerability 16.07.2026 9.9
CVE-2026-42990 SQL Server ODBC driver Elevation of Privilege Vulnerability 15.07.2026 9.8
CVE-2026-48561 Microsoft Copilot Remote Code Execution Vulnerability 15.07.2026 9.6
CVE-2026-49172 Windows FTP Service Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-49798 Windows Kernel Elevation of Privilege Vulnerability 15.07.2026 9.3
CVE-2026-50522 Microsoft SharePoint Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-54990 Remote Desktop Client Remote Code Execution Vulnerability 15.07.2026 9.8
CVE-2026-55008 Microsoft Exchange Server Spoofing Vulnerability 15.07.2026 9.6
CVE-2026-58644 Microsoft SharePoint Remote Code Execution Vulnerability 16.07.2026 9.8
CVE-2026-59891 Credential confusion in  @sigstore/oci  can leak registry credentials to an attacker-controlled registry 14.07.2026 9.6
CVE-2026-15701 Totolink NR1800X lighttpd formLogout.htm Form_Logout stack-based overflow 15.07.2026 9.3
CVE-2025-11698 CompactLogix ®, ControlLogix ®, Compact GuardLogix ® and GuardLogix ® Buffer Overflow 14.07.2026 9.2
CVE-2026-55954 Missing ID token claim validation in ueberauth_apple allows account takeover 15.07.2026 9.1
CVE-2025-12011 CompactLogix ®, ControlLogix ®, Compact GuardLogix ® and GuardLogix ® Buffer Overflow 14.07.2026 9.2
CVE-2025-12012 CompactLogix ®, ControlLogix ®, Compact GuardLogix ® and GuardLogix ® Buffer Overflow 14.07.2026 9.2
CVE-2026-15265 Tenable Agent Path Traversal Leading to Remote Code Execution 14.07.2026 9.3
CVE-2026-58479 Sustainable Irrigation Platform 5.2.16 RCE via cli_control Plugin Command Injection 14.07.2026 9.2
CVE-2026-10577 Rockwell Automation 1715 Redundant IO – Access Control Vulnerability 14.07.2026 10
CVE-2026-62422 15.07.2026 10
CVE-2026-56451 14.07.2026 10
CVE-2026-15183 Input Validation Vulnerabilities in Snowflake Spark Connector 14.07.2026 9.2
CVE-2026-57898 14.07.2026 9
CVE-2026-27690 HTTP Request Smuggling in SAP Approuter 14.07.2026 9.1
CVE-2026-44747 Memory Corruption vulnerability in SAP NetWeaver Application Server ABAP 15.07.2026 9.9
CVE-2026-44761 Insecure Sample Credentials in SAP Commerce Cloud 15.07.2026 9.1
CVE-2026-59801 9Router 0.4.41 - Unauthenticated API Exposure via /api/providers 14.07.2026 9.3
CVE-2026-62327 9Router 0.4.41 - Unauthenticated API Key Exposure via /api/usage/stats 14.07.2026 9.3
CVE-2026-58409 ChurchCRM: Authenticated Remote Code Execution (RCE) via Malicious Plugin Upload 14.07.2026 9.1
CVE-2026-6875 Sandbox Escape in ServiceNow AI Platform 14.07.2026 9.5
CVE-2026-61462 mcp-gitlab Path Traversal via job_id Parameter 13.07.2026 9.2
CVE-2026-61500 Rejetto HFS < 3.2.1 Session Forgery via Predictable Signing Key 15.07.2026 9.3
CVE-2026-60121 Vitec Flamingo 4.12.2 Unauthenticated OS Command Injection via ping.php 13.07.2026 9.3
CVE-2026-61498 Vitec Flamingo 4.12.2 Unauthenticated OS Command Injection via gen_graphs.php 14.07.2026 9.3
CVE-2026-6847 Unauthenticated Remote Code Execution in ThemisNETPanel 14.07.2026 9.3
CVE-2026-12257 Remote code execution in Mura Software’s CMS 13.07.2026 9.3
CVE-2026-14934 Cross-Tenant Repository Takeover via Improper Access Control in BigQuery, Dataform and Colab Enterprise 13.07.2026 9.4
CVE-2026-13014 Remote Code Execution vulnerability in "Suspicious" application 13.07.2026 9.2
CVE-2026-22093 Adversary-in-the-Middle (AitM) attack vulnerability in EVbee Service app 16.07.2026 9.5
CVE-2026-22095 Command injection in diagnosis web endpoint 16.07.2026 9.3
CVE-2026-22096 Missing authentication for webserver endpoints 16.07.2026 9.3
CVE-2026-22097 Missing firmware validation allows remote code execution 16.07.2026 9.3
CVE-2026-22098 Sensitive information is written to logs 16.07.2026 9.2
CVE-2026-22102 Arbitrary file overwrite through certificate update functionality 16.07.2026 9.3
CVE-2026-22103 Command injection in NPC start web endpoint 16.07.2026 9.3
CVE-2026-57401 WordPress SureDash plugin <= 1.8.0 - Arbitrary File Deletion vulnerability 13.07.2026 9.9
CVE-2026-57702 WordPress Amelia plugin <= 2.4.2 - SQL Injection vulnerability 13.07.2026 9.3
CVE-2026-57707 WordPress Simple Business Directory Pro plugin <= 15.9.4 - SQL Injection vulnerability 13.07.2026 9.3
CVE-2026-57710 WordPress WoowBot Pro Max plugin <= 14.1.7 - Arbitrary File Upload vulnerability 13.07.2026 9.9
CVE-2026-57714 WordPress LatePoint plugin <= 5.6.3 - SQL Injection vulnerability 13.07.2026 9.3
CVE-2026-57719 WordPress Aimogen Pro plugin <= 2.8.3 - Arbitrary File Upload vulnerability 13.07.2026 10
CVE-2026-57724 WordPress Kirki plugin <= 6.0.12 - PHP Object Injection vulnerability 13.07.2026 9.8
CVE-2026-57726 WordPress Kirki plugin <= 6.0.12 - SQL Injection vulnerability 13.07.2026 9.3
CVE-2026-57738 WordPress 777 theme <= 1.13.0 - PHP Object Injection vulnerability 13.07.2026 9.8
CVE-2026-57739 WordPress AcyMailing SMTP Newsletter plugin <= 10.11.0 - SQL Injection vulnerability 13.07.2026 9.3
CVE-2026-57744 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - PHP Object Injection vulnerability 13.07.2026 9.8
CVE-2026-57770 WordPress Grand Photography theme <= 5.7.8 - PHP Object Injection vulnerability 13.07.2026 9.8
CVE-2026-57811 WordPress Realtyna Organic IDX plugin plugin <= 5.2.0 - Remote Code Execution (RCE) vulnerability 13.07.2026 10
CVE-2026-57813 WordPress MailOptin plugin <= 1.2.77.3 - Privilege Escalation vulnerability 13.07.2026 9.8
CVE-2026-59515 WordPress AIWU plugin <= 1.5.4 - SQL Injection vulnerability 13.07.2026 9.3
CVE-2026-59518 WordPress Directorist plugin <= 8.8.2 - PHP Object Injection vulnerability 13.07.2026 9.8
CVE-2026-14453 A user with low privileges can inject SSTI templates that can lead to RCE in open-tickets 13.07.2026 9.6
CVE-2026-4769 Unauthenticated Access to Internal Diagnostic Interface 13.07.2026 9.3
CVE-2026-15511 Comfast CF-WR631AX V3 FastCGI Backend webmgnt system_wl_upload_pic_file os command injection 14.07.2026 9.3
CVE-2026-56271 Flowise - Weak Default JWT Secrets in Authentication Middleware 13.07.2026 9.3
CVE-2026-61876 LuCI DHCPv6 Lease Hostname Stored Cross-Site Scripting 14.07.2026 9.4
CVE-2026-60090 PraisonAI before 4.6.78 SQL/CQL Injection via vector dimension 14.07.2026 9.3
CVE-2026-61445 PraisonAI before 4.6.78 Arbitrary File Write and Command Execution 14.07.2026 9.4
CVE-2026-61447 PraisonAI before 1.6.78 Remote Code Execution via CodeAgent 13.07.2026 10
CVE-2026-57827 Joomla Extension - rsjoomla.com - Unauthenticated file upload in RSFiles component < 1.17.12 15.07.2026 10
CVE-2026-57828 Joomla Extension - phoca.cz - Authenticated file upload in RSFiles component < 6.1.3 15.07.2026 9
CVE-2026-20744 Hydro-Québec Le Circuit Electrique charging station backend Improper Access Control 14.07.2026 9.3
CVE-2026-55884 Tilt: Missing authentication on the network-exposed Tilt HUD server 15.07.2026 9.2
CVE-2026-55879 OpenReplay: Unauthenticated stored XSS leads to dashboard account takeover 13.07.2026 9.3
CVE-2026-12761 miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.7.0 - Unauthenticated Authentication Bypass to Administrator Account Takeover via Profile Completion OTP Flow 13.07.2026 9.8
CVE-2026-57807 WordPress OAuth Single Sign On - SSO (OAuth Client) plugin <= 38.5.8 - Broken Authentication vulnerability 13.07.2026 9.8
CVE-2026-61459 MCP Server Kubernetes < 3.9.0 Argument Injection via kubectl Structured Tools 14.07.2026 9.3
CVE-2026-59151 Prowler: SAML Domain Claiming Enables Cross-Tenant Account Takeover 13.07.2026 9.6
CVE-2026-5801 SQLi in Semtek Informatics' SEM-PMP 10.07.2026 9.8
CVE-2026-2397 SQLi in AdamPOS' MobilMen 20T 16.07.2026 9.8
CVE-2026-58492 grav-plugin-database: SQL Injection in PDO::tableExists() due to Unsanitized Table Name Interpolation 10.07.2026 9.2
CVE-2026-15143 Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:) 10.07.2026 9.3
CVE-2026-55500 9router: Exposure of Sensitive Information and Unprotected Database Import/Export Allows Complete Credential Theft and Database Takeover 10.07.2026 9.9
CVE-2026-56261 Crawl4AI - Server-Side Request Forgery via Webhook URLs 14.07.2026 9.2
CVE-2026-56765 Vikunja - Unauthenticated Instance-Wide Data Breach via Link Share Hash Disclosure Chained with Cross-Project Attachment IDOR 10.07.2026 9.3
CVE-2026-59792 14.07.2026 9.6
CVE-2026-61444 PraisonAI before 4.6.78 Code Injection via f-string 10.07.2026 9.4
CVE-2026-56688 10.07.2026 9.1
CVE-2026-15378 Guardrails-detectors: guardrails-detectors: ssrf and local file read via user-supplied xml schema (xml-with-schema:) 14.07.2026 9.3
CVE-2026-41880 OS Command Injection in R-SOFT DMS 10.07.2026 9
CVE-2026-15282 Instant Appointment <= 1.2 - Unauthenticated Arbitrary File Upload 14.07.2026 9.8
CVE-2026-15300 GEO my WP <= 4.5.4 - Unauthenticated SQL Injection via 'distance' / 'lat' / 'lng' Parameters 10.07.2026 9.1
CVE-2026-14894 Super Forms <= 6.3.313 - Unauthenticated Arbitrary File Upload via 'data' Parameter (datauristring / value) 10.07.2026 9.8
CVE-2026-54760 Langroid: SQLChatAgent dangerous-function blocklist can be bypassed with quoted or schema-qualified pg_read_file calls 10.07.2026 9.3
CVE-2026-54769 Langroid: Sandbox Escape to Remote Code Execution via Incomplete `eval()` Mitigation in TableChatAgent 10.07.2026 10
CVE-2026-55615 Langroid: Neo4jChatAgent executes LLM-generated Cypher without validation (prompt-to-Cypher injection; config-conditional RCE), mirroring the SQLChatAgent bug fixed in CVE-2026-25879 10.07.2026 9.2
CVE-2026-58122 Hermes WebUI < 0.51.307 Authentication Bypass via X-Forwarded-For Header Spoofing 14.07.2026 9.3
CVE-2026-58123 Hermes WebUI < 0.51.788 Unauthenticated RCE via Terminal API 14.07.2026 9.3

Latest Updates

CVE Title Updated Score
CVE-2025-45868 16.07.2026
CVE-2026-12379 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in the Dashboard OAuth/OIDC implementation of Axivion 16.07.2026
CVE-2026-45695 Kopia: Unauthenticated RCE via SSH ProxyCommand Injection when --insecure --without-password is used 16.07.2026 9.8
CVE-2026-54568 Microsoft UFO: Missing Authorization in DEVICE_INFO_REQUEST Allows a DEVICE Client to Read Another Device's system_info 16.07.2026 4.3
CVE-2026-55440 Microsoft UFO: COMMAND_RESULTS handler creates unowned sessions, allowing authenticated session-squatting denial of service 16.07.2026 6.5
CVE-2026-63081 Perfect Support Ticketing System 1.7 Stored XSS via Ticket Notes Field 16.07.2026
CVE-2026-63082 Perfect Support Ticketing System 1.7 Broken Access Control via Agent Assignment 16.07.2026
CVE-2026-14890 CVE-2026-14890 16.07.2026
CVE-2026-53597 Prompty: Arbitrary code execution via JavaScript frontmatter in TypeScript loader 16.07.2026
CVE-2026-53598 Prompty: Arbitrary File Read via ${file:path} Reference Expansion 16.07.2026 7.5
CVE-2026-54733 moodle-local_o365: Authentication bypass via unverified JWT signature in Teams SSO endpoint 16.07.2026
CVE-2026-57205 SimpleChat: Authenticated users can access other users' profile metadata through user IDOR endpoints 16.07.2026 4.3
CVE-2026-57206 SimpleChat plugin validation endpoints missing authentication and authorization 16.07.2026 8.6
CVE-2026-59864 Kiota: Path/URL injection into generated Copilot plugin manifest via x-ai-* extensions 16.07.2026
CVE-2026-59865 Kiota: Command injection via x-ms-kiota-info dependencyInstallCommand surfaced by `kiota info` 16.07.2026
CVE-2026-59866 Kiota: Arbitrary file write + code-injection via x-ms-kiota-info clientClassName and clientNamespaceName 16.07.2026
CVE-2026-59867 Kiota: Generation-time SSRF + remote/local file inclusion via unrestricted $ref 16.07.2026 7.1
CVE-2026-14254 Improper Restriction of Excessive Authentication Attempts in Delphix Continuous Data 16.07.2026
CVE-2026-59237 IDOR in Prospero Flow CRM Order API allows cross-tenant read and modification of orders 16.07.2026
CVE-2026-59859 Kiota: Code Generation Literal Injection in the PHP Generator 16.07.2026
CVE-2026-59860 Kiota: XML Doc-Comment Newline Breakout Code Injection 16.07.2026
CVE-2026-59861 Kiota: Code Generation Literal Injection in Kiota Ruby Generator 16.07.2026 7.5
CVE-2026-59862 Kiota: Code Generation Literal Injection in the Python Generator 16.07.2026 7.5
CVE-2026-59863 Kiota: Workspace-config poisoning: out-of-repo file write + generation-time SSRF 16.07.2026
CVE-2026-56456 HCL DFXAnalytics is affected by an Internal File Path Disclosure vulnerability. 16.07.2026 5.3
CVE-2026-5674 Pipewire: pipewire: sandbox escape and arbitrary code execution via malicious library loading 16.07.2026
CVE-2026-35140 HCL DFXAnalytics is affected by a Missing Secure Attribute in Encrypted Session (SSL) Cookie vulnerability 16.07.2026 3
CVE-2026-35141 HCL DFXAnalytics is affected by a Login Replay Attack vulnerability 16.07.2026 2.6
CVE-2026-35142 HCL DFXAnalytics is affected by an Internal IP Address Disclosure vulnerability. 16.07.2026 2.6
CVE-2026-35143 HCL DFXAnalytics is affected by a Missing SameSite Attribute vulnerability. 16.07.2026 3
CVE-2026-35145 HCL DFXAnalytics is affected by a Missing HTTP Strict-Transport-Security Header vulnerability. 16.07.2026 3.1
CVE-2026-56453 HCL DFXAnalytics is affected by an Account Takeover via Response Manipulation vulnerability. 16.07.2026 5.5
CVE-2026-56454 HCL DFXAnalytics is affected by a Deprecated Protocol vulnerability due to the use of TLS 1.0 and TLS 1.1. 16.07.2026 5.9
CVE-2026-56455 HCL DFXAnalytics is affected by a Buffer Overflow vulnerability that can lead to a Denial of Service (DoS). 16.07.2026 5.3
CVE-2024-58360 stoatchat before 0.7.8 Unrestricted Account Creation 16.07.2026
CVE-2025-71377 stoatchat before 20250210-1 Unrestricted Message History Fetch 16.07.2026
CVE-2025-71388 stoatchat 20241213-1 Webhook Token Disclosure via Read Permissions 16.07.2026
CVE-2026-11386 ubuntu-pro-client Input Validation Vulnerability Leading to Arbitrary APT Directive Injection and Remote Code Execution 16.07.2026 9
CVE-2026-12391 ubuntu-pro-client Local Privilege Escalation and Information Disclosure via Symlink Arbitrary File Read in collect-logs 16.07.2026 5
CVE-2026-63304 AVideo through 29.0 OS Command Injection via listFFmpegProcesses 16.07.2026
CVE-2026-63305 AVideo through 29.0 OS Command Injection via ffmpeg.json.php 16.07.2026
CVE-2026-63306 stoatchat before 0.13.5 Unauthenticated SSRF via proxy and embed endpoints 16.07.2026
CVE-2026-9494 ubuntu-pro-client Information Disclosure via Cleartext Bearer Token Exposure in Process Command Line 16.07.2026 5.5
CVE-2026-59249 Sign-tolerant HTTP/1 chunk-size parser in Mint enables response smuggling against strict intermediaries on pooled connections 16.07.2026
CVE-2026-35146 HCL DFXServer is affected by an Unencrypted Communication vulnerability. 16.07.2026 6.3
CVE-2026-35147 HCL DFXServer is affected by a Broken Authentication vulnerability via direct API access. 16.07.2026 8.2
CVE-2026-35148 HCL DFXServer is affected by a Missing Access Control vulnerability 16.07.2026 6.3
CVE-2026-35149 HCL DFXServer is affected by an Authentication Bypass vulnerability via server response manipulation. 16.07.2026 8.2
CVE-2023-49899 Origin Validation Error in X-Rite MA-T6 16.07.2026 9.8
CVE-2023-49900 Origin Validation Error in X-Rite MA-T6 16.07.2026 9.8
CVE-2026-22752 Spring Security Authorization Server Dynamic Client Registration endpoints perform insufficient validation of client metadata 16.07.2026 9.6
CVE-2026-13741 Digits: WordPress Mobile Number Signup and Login <= 9.1.0.5 - Authenticated (Subscriber+) Privilege Escalation via 'digits_reg_userrole' Parameter 16.07.2026 8.8
CVE-2026-13754 Tickera <= 3.6.0.0 - Authenticated (Staff+) SQL Injection via 's' Parameter 16.07.2026 6.5
CVE-2026-13755 Tickera <= 3.6.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'price_wrapper' Shortcode Attribute 16.07.2026 6.4
CVE-2026-13767 Quiz and Survey Master (QSM) <= 11.2.0 - Authenticated (Custom+) SQL Injection via 'pages' Parameter 16.07.2026 6.5
CVE-2026-15005 Loco Translate <= 2.8.5 - Cross-Site Request Forgery to Remote Code Execution via 'template' Parameter 16.07.2026 8.8
CVE-2026-15008 Uncanny Automator <= 7.3.1.4 - Unauthenticated PHP Object Injection to Arbitrary File Deletion via Forminator Submitted-Field Token 16.07.2026 8.1
CVE-2026-15021 wpForo Forum <= 3.1.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'location' Profile Field 16.07.2026 6.4
CVE-2026-15022 Tutor LMS <= 4.0.0 - Authenticated (Subscriber+) SQL Injection via Stored Quiz Answer Array 16.07.2026 6.5
CVE-2026-15099 WP Delicious <= 1.10.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'steps' Block Attribute 16.07.2026 6.4
CVE-2026-15103 WPFunnels <= 3.12.8 - Authenticated (Funnel Manager+) Privilege Escalation via 'group_id' Path Parameter 16.07.2026 8.8
CVE-2026-15106 WPBot <= 8.5.6 - Missing Authorization to Unauthenticated Arbitrary Chat Session Deletion via 'userid' Parameter 16.07.2026 5.3
CVE-2026-15324 SysBasics Customize My Account for WooCommerce <= 4.4.14 - Authenticated (Shop Manager+) Stored Cross-Site Scripting via 'row_type' Parameter 16.07.2026 4.4
CVE-2026-15350 The Cache Purger <= 2.3.20 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Log Deletion via 'the_log_purge' Parameter 16.07.2026 4.3
CVE-2026-15407 Themify Builder <= 7.7.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Stylesheet Write/Delete via tb_generate_on_fly AJAX Action 16.07.2026 4.3
CVE-2026-15610 WPBot <= 8.5.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary RAG Document Re-Sync via ajax_rag_manual_sync() Function 16.07.2026 4.3
CVE-2026-15651 WP TripAdvisor Review Slider <= 14.6 - Authenticated (Administrator+) SQL Injection via 'filtersource' Parameter 16.07.2026 4.9
CVE-2026-15727 WP Bulk Delete <= 1.4.2 - Authenticated (Administrator+) SQL Injection via 'delete_user_roles' Parameter 16.07.2026 4.9
CVE-2026-58078 Joomla Extension - themexpert.com - Unauthenticated SQL injection in Quix Page Builder Pro < 6.2.1 16.07.2026
CVE-2026-6423 Local privilege escalation via unauthenticated ALPC in ESET Inspect Connector 16.07.2026
CVE-2026-6424 Use-after-free vulnerability in ESET security products for Linux 16.07.2026
CVE-2026-7543 Breakdance <= 2.7.1 - Unauthenticated Stored Cross-Site Scripting via Webhook Action Details 16.07.2026 7.2
CVE-2026-11371 BetterDocs < 4.5.5 - Unauthenticated Stored XSS via AI Doc Summarizer Prompt Injection 16.07.2026
CVE-2026-11866 LatePoint < 5.6.3 - Multiple Privileged Actions via CSRF 16.07.2026
CVE-2026-12395 WP Job Portal < 2.5.5 - Subscriber+ SQL Injection via Applied Resumes 'ta' Parameter 16.07.2026
CVE-2026-12492 Happy Coders OTP Login for WooCommerce < 2.8 - Unauthenticated Account Takeover via hcotp_auto_login_user 16.07.2026
CVE-2026-12510 AI Engine < 3.5.5 - Subscriber+Chatbot Discussion Disclosure and Takeover via IDOR 16.07.2026
CVE-2026-12525 Redux Framework < 4.5.13 - Subscriber+ Privilege Escalation to Administrator 16.07.2026
CVE-2026-12585 Abandoned Cart Lite for WooCommerce < 6.8.2 - Unauthenticated Account Takeover via Malleable Recovery-Link Token 16.07.2026
CVE-2026-12684 Customer Reviews for WooCommerce < 5.113.0 - Unauthenticated Arbitrary Media Upload via cr_upload_media 16.07.2026
CVE-2026-12869 Header Footer Builder for Elementor < 1.2.1 - Contributor+ Stored XSS via Template Import 16.07.2026
CVE-2026-12906 RTMKit Addons for Elementor < 2.0.9 - Contributor+ Private Post Title Disclosure 16.07.2026
CVE-2026-12907 RTMKit Addons for Elementor < 2.0.9 - Author+ Site-Wide Theme Builder Template Creation and Activation 16.07.2026
CVE-2026-12978 FunnelKit < 3.15.0.6 - Reflected XSS via Divi Optin Form 16.07.2026
CVE-2026-12979 FunnelKit < 3.15.0.6 - Admin+ Arbitrary File Deletion via Path Traversal in Template Importer 16.07.2026
CVE-2026-15925 Improper TLS Hostname Verification in Snowflake Connector for Python 16.07.2026
CVE-2026-53366 ipv4: account for fraggap on the paged allocation path 16.07.2026
CVE-2026-13042 RPB Chessboard <= 8.1.2 - Unauthenticated Stored Cross-Site Scripting via Comment Content 16.07.2026 7.2
CVE-2026-15013 SAML Single Sign On <= 5.4.3 - Unauthenticated Authentication Bypass via 'SAMLResponse' Parameter Signature Algorithm Confusion 16.07.2026 9.8
CVE-2026-15306 Product Feed Manager For WooCommerce <= 7.6.1 - Reflected Cross-Site Scripting via 's' Search Parameter 16.07.2026 6.1
CVE-2026-15445 SEO Booster <= 7.3.1 - Authenticated (Administrator+) SQL Injection via 'orderby' Parameter 16.07.2026 4.9
CVE-2026-15458 SEO Booster <= 7.3.1 - Authenticated (Administrator+) SQL Injection via 'sort_field' Parameter 16.07.2026 4.9
CVE-2026-12409 Landing Page Builder <= 1.5.3.6 - Cross-Site Request Forgery to ulpb_admin_data AJAX Action 16.07.2026 4.3
CVE-2026-12434 List category posts <= 0.95.0 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Exposure via 'post_status' Shortcode Attribute 16.07.2026 4.3
CVE-2026-12753 Advance Product Search- Voice & Ajax Search for WooCommerce <= 1.4.4 - Unauthenticated SQL Injection via 's' and 'match' Parameter 16.07.2026 7.5
CVE-2026-12941 MultiVendorX <= 5.0.9 - Authenticated (Store Owner+) SQL Injection via 'order_by' Parameter 16.07.2026 6.5
CVE-2026-13005 MxChat <= 3.2.10 - Authenticated (Admin+) Stored Cross-Site Scripting via 'intro_message' Setting 16.07.2026 4.4
CVE-2026-14987 GiveWP <= 4.16.3 - Authenticated (Give Worker+) Stored Cross-Site Scripting via 'twitter_message' Sequoia Template Setting 16.07.2026 6.4
CVE-2026-15336 Catch Themes Demo Import <= 3.3 - Missing Authorization to Authenticated (Subscriber+) Single Plugin Installation via 'activate_plugin' Parameter 16.07.2026 4.3
CVE-2026-15652 Easy Accordion <= 3.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'align' Block Attribute 16.07.2026 6.4
CVE-2026-21729 Loki detected_fields query limits results in unbounded memory allocation 16.07.2026 7.5
CVE-2026-15909 RafyMrX TOKO-ONLINE-ROTI add.php authorization 16.07.2026
CVE-2026-1609 Org.keycloak/keycloak-quarkus-server: keycloak: unauthorized access via jwt authorization grant with disabled users 16.07.2026
CVE-2026-23538 Feast: resource exhaustion via websocket endpoint 16.07.2026
CVE-2026-3842 Qemu-kvm: hyperv/syndbg: missing mapped-length guard after cpu_physical_memory_map causes host oob write 16.07.2026
CVE-2026-48863 Libsolv: stack-based buffer overflow in libsolv eddsa pgp signature verification allows denial of service 16.07.2026
CVE-2026-15907 H3C SecPath F1000-C8300 g=log_fw_nbc_mail_jsondata sql injection 16.07.2026
CVE-2026-26718 15.07.2026
CVE-2026-26719 15.07.2026
CVE-2026-36590 15.07.2026
CVE-2026-38974 15.07.2026
CVE-2025-65720 15.07.2026
CVE-2026-30618 16.07.2026
CVE-2026-30623 16.07.2026
CVE-2026-45313 Sandboxie-Plus: Sandboxie APC Injection Sandbox Escape 16.07.2026 7.7
CVE-2026-48795 Incomplete fix for CVE-2026-25754 in @adonisjs/bodyparser 15.07.2026 8.6
CVE-2026-54458 AVideo: Unauthenticated Stored DOM Cross-Site Scripting via Per-Client Metadata Broadcast in YPTSocket Plugin 16.07.2026 9.6
CVE-2026-55445 Qinglong: Incomplete fix for CVE-2026-3965: Improper Authentication 15.07.2026
CVE-2026-63175 Cross-Capture Session Data Leakage Due to Shared Mutable State in Looklyloo - PlaywrightCapture 16.07.2026
CVE-2026-15921 nvm path traversal via a malicious mirror's LTS codename writes outside the alias directory 16.07.2026
CVE-2026-38752 16.07.2026
CVE-2026-38754 16.07.2026
CVE-2026-38755 16.07.2026
CVE-2026-49279 WWBN AVideo: Stored XSS via autoEvalCodeOnHTML Bypass in MessageSQLite WebSocket Handler (CVE-2026-43874 Bypass) 15.07.2026
CVE-2026-50182 AVideo Has Unauthenticated Reflected XSS via $_GET['search'] in YouTubeAPI Gallery Pagination 15.07.2026 6.1
CVE-2026-50183 WWBN AVideo: Stored XSS via Hostile YouTube Video Title in AVideo YouTubeAPI Gallery Section 16.07.2026 4.7
CVE-2026-52890 Wekan: Arbitrary file read and server DoS via attachment versions.original.path 16.07.2026 7.1
CVE-2026-52891 Wekan: Shell Injection via Avatar Upload 15.07.2026 9.9
CVE-2026-52892 Wekan: Read-only board members can create/modify/delete Custom Fields (privilege escalation via read-level authz on write ops) 16.07.2026 6.5
CVE-2026-52893 Wekan: OIDC Account Takeover via Unconditional Email-Based Account Merge in onCreateUser hook 15.07.2026
CVE-2026-53444 Wekan: Missing authorization on OIDC Meteor methods allows privilege escalation to admin 15.07.2026
CVE-2026-53445 Wekan: Authorization bypass in copyBoard DDP method allows any user to copy private boards 16.07.2026
CVE-2026-53446 Wekan: Server-Side Request Forgery (SSRF) via webhook integration URLs 16.07.2026
CVE-2026-53447 Wekan: `cloneBoard` Meteor method has no authorization check — any user can clone (read) any private board by ID 15.07.2026 6.5
CVE-2026-55234 Wekan: Broken access control: any authenticated user can move their Cards/Lists/Swimlanes into a private board they are not a member of (cross-board write via collection allow rule) 16.07.2026 8.5
CVE-2026-55576 MaaAssistantArknights: PR-title expression injection in release-preparation.yml 15.07.2026
CVE-2026-55652 Wekan: Header-login IP allowlist bypass via X-Forwarded-For spoofing in Wekan allows unauthenticated full account takeover (incl. admin) 15.07.2026 9.8
CVE-2026-62314 Anubis: Policy bypass via client controlled X-Original-URI header 16.07.2026 5.8
CVE-2026-33684 AVideo's Privilege AVideo: Escalation via Unguarded Permission Parameters in signUp API Allows Self-Granting Upload/Stream/Meet Permissions 16.07.2026 5.3
CVE-2026-38753 16.07.2026
CVE-2026-46339 9Router: Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes 16.07.2026 10
CVE-2026-49352 9Router: Hardcoded Default fallback JWT Secret Allows Authentication Bypass 15.07.2026 9.8
CVE-2026-49353 9Router: Local-Only Access Gate Bypass in 9router via Host Header SpoofING 16.07.2026 7.5
CVE-2026-51380 16.07.2026
CVE-2026-54052 n8n-MCP: Cross-tenant access to workflow version backups in multi-tenant HTTP deployments 15.07.2026 9.9
CVE-2026-55608 n8n-MCP: Incorrect authorization can expose default-scope workflow version backups in multi-tenant HTTP mode 15.07.2026 4.2
CVE-2026-56678 9Router: Kiro region injection allows authenticated SSRF with Authorization header forwarding 16.07.2026 6.4
CVE-2026-56679 9Router: Mass assignment in PATCH /api/settings allows authenticated authorization downgrade 16.07.2026
CVE-2026-62312 9Router: Authenticated RCE via Unvalidated MCP Plugin Arguments 15.07.2026 8.8
CVE-2026-62361 listmonk: SQL Injection in `/api/subscribers/export` bypasses table access control, leaking admin password hashes and SMTP credentials 16.07.2026 5.5
CVE-2026-33444 Memory management vulnerability in Secure Access servers 16.07.2026
CVE-2026-33445 Memory management vulnerability in Secure Access servers 16.07.2026
CVE-2026-52887 NocoBase: SQL injection in /api/myInAppChannels:list filter to PG-superuser RCE 15.07.2026 10
CVE-2026-52888 NocoBase: Sensitive Data Exposure via SQL Blacklist Bypass 16.07.2026 6.8
CVE-2026-55398 Memory management vulnerability in Secure Access clients 16.07.2026
CVE-2026-55399 Resource exhaustion vulnerability in the Secure Access publisher 16.07.2026
CVE-2026-55410 NocoBase backup restore schema name allows command injection 15.07.2026 6.7
CVE-2026-59950 MCP Python SDK: WebSocket server transport does not support Host/Origin validation 15.07.2026
CVE-2026-33443 Memory management error in Secure Access servers prior to 14.55 16.07.2026
CVE-2026-40954 Integer underflow in Secure Access clients prior to 14.55 16.07.2026
CVE-2026-40955 Integer underflow vulnerability in Secure Access clients 16.07.2026
CVE-2026-40956 Memory disclosure in Secure Access Clients 16.07.2026
CVE-2026-40957 Frameable content vulnerability in the Secure Access server login page 16.07.2026
CVE-2026-40958 Input validation error in Secure Access clients prior to 14.55 16.07.2026
CVE-2026-45737 Argo CD: Kubernetes Secret Extraction via ArgoCD ServerSideDiff via sensitive annotations 15.07.2026 6.3
CVE-2026-45738 Argo CD: Stored XSS in application link annotations enables developer-to-admin privilege escalation 16.07.2026 7.3
CVE-2026-49867 DataEase: Authenticated Stored XSS in DataEase Template Static Resources 15.07.2026
CVE-2026-50144 ncnn: Out-of-bounds heap write in ParamDict::load_param via unchecked negative parameter id 15.07.2026 7.1
CVE-2026-52869 MCP Python SDK: HTTP transports serve session requests without verifying the authenticated principal 16.07.2026 7.1
CVE-2026-52870 MCP Python SDK: Experimental task handlers allow any client to access and cancel other clients' tasks 16.07.2026 7.6
CVE-2026-40952 Privilge misconfiguration in Secure Access installers 16.07.2026
CVE-2026-40953 Heap overflow in Secure Access clients 16.07.2026
CVE-2026-45320 DataEase Data Dashboard SqlVariable transFilter Unfiltered SQL Injection 15.07.2026
CVE-2026-45533 DataEase: Path Traversal Vulnerability 15.07.2026
CVE-2026-45535 DataEase: Stored SQL Injection Vulnerability 16.07.2026
CVE-2026-46684 DataEase: Unauthorized Command Execution Vulnerability 15.07.2026
CVE-2026-50124 DataEase: Remote Code Execution (RCE) via Zip Protocol & File Dropper 15.07.2026