CVE Field Guide

Critical CVEs

CVE Title Updated Score
CVE-2026-56121 Feast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC Deserialization 24.06.2026 9.3
CVE-2026-12537 Unauthenticated Remote Code Execution in Gemini CLI CI/CD Workflows 24.06.2026 10
CVE-2026-56223 Capgo - Account Takeover via Cross-Domain SSO Email Assertion in provision-user 24.06.2026 9.3
CVE-2026-56237 Capgo - Unauthenticated API Key Generation via Client-Side Parameter Manipulation 24.06.2026 9.3
CVE-2026-12416 Invoice Generator <= 1.0.0 - Unauthenticated Account Takeover via Weak Password Reset Validation via 'reset_user_id' Parameter 24.06.2026 9.8
CVE-2026-12417 SignUp & SignIn <= 1.0.0 - Unauthenticated Privilege Escalation via Weak Password Reset Validation via 'reset_activation_code' Leading to Account Takeover 24.06.2026 9.8
CVE-2026-12485 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12486 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-12846 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12847 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12848 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12849 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-12850 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-12851 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-54588 Poweradmin has Host Header Injection in OIDC redirect_uri, SAML ACS/SLO URL, and Logout Redirect Construction. 24.06.2026 9.6
CVE-2026-11807 Eda-server: websocket missing authorization allows credential theft via activation_id spoofing 24.06.2026 9.6
CVE-2026-53753 Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API 23.06.2026 9.8
CVE-2026-53662 immich: One-click account takeover via XSS in login page continue redirect 23.06.2026 9.6
CVE-2026-54157 LobeHub: Unauthenticated SSRF in `/webapi/proxy` 23.06.2026 9
CVE-2026-54257 Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow 23.06.2026 9.3
CVE-2026-44789 n8n: HTTP Request Node Pagination Prototype Pollution to RCE 24.06.2026 9.4
CVE-2026-44790 n8n: Arbitrary File Read via Git Node 23.06.2026 9.4
CVE-2026-44791 n8n: XML Node Prototype Pollution Patch Bypass 23.06.2026 9.4
CVE-2026-48519 Langflow: Unauthenticated RCE in Shareable Playgrounds 24.06.2026 9.6
CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow 24.06.2026 9.9
CVE-2026-55447 Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit 24.06.2026 9.6
CVE-2026-55450 Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak 23.06.2026 9.3
CVE-2026-27604 FOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin Functions 23.06.2026 10
CVE-2026-28496 FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE 23.06.2026 9.4
CVE-2026-35019 NetComm NF20MESH < R6B032 Hardcoded AES Key Authentication Bypass 23.06.2026 9.2
CVE-2026-44089 Buffer Overflow in Totolink EX1200L router 23.06.2026 9.4
CVE-2026-56258 Crawl4AI - Arbitrary File Write via output_path Symlink and TOCTOU 23.06.2026 9.2
CVE-2026-56315 picklescan - Remote Code Execution via Unblocked Standard Library Modules 23.06.2026 9.3
CVE-2026-11374 Account Takeover via Predictable SSO Ticket Generation 24.06.2026 9
CVE-2026-12866 23.06.2026 9.2
CVE-2026-48746 vLLM: OpenAI auth bypass 23.06.2026 9.1
CVE-2026-56266 Crawl4AI - Server-Side Request Forgery via Direct Crawl Endpoints 23.06.2026 9.2
CVE-2026-44727 Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP 23.06.2026 9.3
CVE-2026-45034 PhpSpreadsheet: File::prohibitWrappers bypass 23.06.2026 9.2
CVE-2026-49468 LiteLLM: Authentication Bypass via Host Header Injection 24.06.2026 9.5
CVE-2026-10789 MCP Extension Code Injection Vulnerability in Autodesk Fusion Desktop 23.06.2026 9.6
CVE-2026-12249 Canonical ADSys Trust Store Poisoning via Plaintext HTTP Certificate Auto-Enrollment 22.06.2026 9
CVE-2026-12628 Hardcoded credential in the IBM Storage Protect Snapshot For Windows leads to unauthorized access to system 23.06.2026 9.1
CVE-2026-7664 Unauthenticated Flow Execution via Webhook Endpoint in Langflow OSS 23.06.2026 9.8
CVE-2026-10561 Unauthenticated Remote Code Execution in Langflow OSS PythonREPLComponent via Builtins Injection 23.06.2026 10
CVE-2026-28381 Local File Read/Write to Potential Privilege Escalation via Snowflake GET/PUT 22.06.2026 9.6
CVE-2026-56423 MISP Core: Broken access control allows instance-wide unauthorized deletion of event reports and sharing groups via bulk deletion endpoints 23.06.2026 9.4
CVE-2026-56425 MISP AAD authentication plugin - Improper OAuth State Handling, Missing Session Rotation, Insecure Redirect URI Validation, and Log Injection 23.06.2026 9.3
CVE-2026-56447 MISP remote code execution via arbitrary rdkafka configuration path 22.06.2026 9.3
CVE-2026-7165 Multiple vulnerabilities in the Assassin game by Gaudire 22.06.2026 9.4
CVE-2026-7166 Multiple vulnerabilities in the Assassin game by Gaudire 22.06.2026 9.2
CVE-2026-56422 MISP Core: Mass Assignment and Object Re-ownership via Unvalidated Request Fields 23.06.2026 9.4
CVE-2026-11746 22.06.2026 9.4
CVE-2026-56265 Crawl4AI - Authentication Bypass via Hardcoded JWT Signing Key 22.06.2026 9.3
CVE-2026-56395 SiYuan - Remote Code Execution via Malicious Bazaar Package Metadata and README 22.06.2026 9.4
CVE-2026-56397 SiYuan - Remote Code Execution via Malicious Bazaar Package Metadata and README 21.06.2026 9.4
CVE-2026-56345 AVideo - Arbitrary User Session Hijacking via Meet Plugin uploadRecordedVideo Endpoint 23.06.2026 9.2
CVE-2026-5366 Git Argument Injection in prefecthq/prefect 22.06.2026 9.9
CVE-2024-58351 Flowise - Remote Code Execution via overrideConfig Parameter 22.06.2026 9.3
CVE-2019-25763 WordPress Ultimate Addons for Beaver Builder 1.2.4.1 Authentication Bypass 22.06.2026 9.3
CVE-2022-50972 WooCommerce 7.1.0 Remote Code Execution via class-wc-meta-box-product-images.php 22.06.2026 9.3
CVE-2026-48908 Joomla Extension - joomshaper.com - Remote Code Execution in SP Pagebuilder extension for Joomla < 6.6.2 23.06.2026 10
CVE-2026-48909 Joomla Extension - joomshaper.com - PHP Object injection in SP LMS extension for Joomla < 4.1.4 23.06.2026 9.5
CVE-2026-48939 Joomla Extension - icagenda.com - Remote Code Execution in iCagenda extension for Joomla < 4.0.8/3.9.15 23.06.2026 10
CVE-2026-11551 Branda – White Label & Branding, Free Login Page Customizer <= 3.4.29 - Unauthenticated Privilege Escalation via Account Takeover 23.06.2026 9.8
CVE-2026-56073 Cap-go - OTP Bypass via Response Manipulation in Email Verification 22.06.2026 9.3
CVE-2026-56081 Cap-go - Account Lockout via 2FA Misconfiguration on Unverified Email 22.06.2026 9.3
CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability 24.06.2026 10
CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability 24.06.2026 9.6
CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability 23.06.2026 9.9
CVE-2026-48772 ProxySQL: PROXY-Protocol-v1 UNKNOWN parses spoofed source IP, bypassing mysql_query_rules.client_addr ACL 22.06.2026 10
CVE-2026-48773 ProxySQL pre-auth heap overflow in MySQL and PostgreSQL first-packet handling 22.06.2026 9.8
CVE-2026-48137 Untrusted pointer dereference in NI grpc-device sideband streaming API 22.06.2026 9.3
CVE-2026-9142 Insecure Default Credentials vulnerability in NI grpc-device when TLS configuration is not present 22.06.2026 9.3
CVE-2026-44939 Command injection through unsanitized YAML parameter in Rancher 24.06.2026 9.4
CVE-2026-50242 24.06.2026 10
CVE-2026-56141 24.06.2026 9.8
CVE-2026-56142 24.06.2026 9.6
CVE-2026-54414 FileRise shared-folder upload path traversal allows arbitrary file write and admin takeover 22.06.2026 9.3
CVE-2026-7515 BetterDocs Pro <= 3.8.0 - Unauthenticated Local File Inclusion via doc_style 22.06.2026 9.8
CVE-2026-8713 Avada (Fusion) Builder <= 3.15.3 - Unauthenticated Arbitrary File Deletion via Form Entry Value 22.06.2026 9.1
CVE-2026-12045 pgAdmin 4: AI Assistant read-only transaction bypass allows unauthorised writes and remote code execution 23.06.2026 9.4
CVE-2026-12046 pgAdmin 4: Unauthenticated pickle deserialization in SQL Editor close / update_connection routes enables remote code execution 23.06.2026 9.5
CVE-2026-12048 pgAdmin 4: Stored XSS via untrusted error and plan-node text rendered through html-react-parser 22.06.2026 9.3
CVE-2026-40624 AVer PTC cameras Files or Directories Accessible to External Parties 22.06.2026 9.3
CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability 24.06.2026 9.9
CVE-2026-54130 M365 Copilot Information Disclosure Vulnerability 24.06.2026 9.8
CVE-2026-49257 mcp-pinot: Unauthenticated tool invocation via default oauth_enabled=False + host 0.0.0.0 bind 22.06.2026 10
CVE-2026-49454 Relyra SAML SignatureValue not cryptographically verified -> authentication bypass 22.06.2026 9.1
CVE-2026-49252 deepstream is vulnerable to prototype pollution 22.06.2026 9.9
CVE-2026-47846 18.06.2026 9.8
CVE-2026-54390 JTL Shop < 5.7.2 Server-Side Template Injection via Smarty Renderer 23.06.2026 9.3
CVE-2026-54103 U.S. GAO EPDS and CBCA EDS unauthenticated password change 22.06.2026 9.3
CVE-2026-55203 HAProxy - Integer Overflow in FCGI Demux Record Length Field 23.06.2026 9
CVE-2026-56020 Webmin HTTP header authentication bypass 22.06.2026 9.2
CVE-2026-11717 18.06.2026 9.3
CVE-2026-11718 18.06.2026 9.3
CVE-2026-54419 PIAF-HMS multiple unauthenticated SQL injection vulnerabilities via mysql_query 18.06.2026 9.3
CVE-2026-8024 Deserialization vulnerability in ibaPDA and ibaDatCoordinator 18.06.2026 9.3
CVE-2025-10560 Hardcoded cloud credentials in Worksnaps client application binaries expose production cloud resources 21.06.2026 9.3
CVE-2026-28573 22.06.2026 10
CVE-2026-55742 Cotonti CSRF in admin.rights.php allows privilege escalation 18.06.2026 9.4
CVE-2026-55740 SQL Injection in Nur-Alam39 bus-ticket bus_info.php via busid parameter 18.06.2026 9.3
CVE-2026-12569 Remote Code Execution (RCE) vulnerability in Windchill PDMlink 18.06.2026 9.3
CVE-2026-48768 TypeBot: Unauthenticated arbitrary s3 object write in generate-upload-url via unsanitized fileName 18.06.2026 9.3
CVE-2026-48814 Network-AI: Empty default secret still authorizes all requests (Incomplete fix for CVE-2026-46701) 18.06.2026 9.1
CVE-2026-54387 Tinyproxy - HTTP Request Smuggling via CL/TE Desynchronization 23.06.2026 9.3
CVE-2026-54388 Tinyproxy - HTTP Request Smuggling via Duplicate Content-Length Headers 23.06.2026 9.3
CVE-2026-55200 libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c 18.06.2026 9.2
CVE-2026-55196 Hermes WebUI < 0.51.409 - Unauthenticated Passkey Registration via Authentication Bypass 23.06.2026 9.1

Latest Updates

CVE Title Updated Score
CVE-2026-49269 24.06.2026
CVE-2026-50700 Frappe Framework 17.0.0-dev - Stored XSS in frappe.get_avatar image rendering 24.06.2026
CVE-2026-50701 Frappe Framework 17.0.0-dev - Reflected DOM XSS in dashboard-view breadcrumb rendering 24.06.2026
CVE-2026-50703 Frappe Framework 17.0.0-dev - Stored XSS in Desktop Icon label rendering 24.06.2026
CVE-2026-50704 Frappe Framework 17.0.0-dev - Reflected/Stored XSS in File View breadcrumbs rendering 24.06.2026
CVE-2026-50705 Frappe Framework 17.0.0-dev - Stored XSS in Form Dashboard headline rendering 24.06.2026
CVE-2026-50708 Frappe Framework 17.0.0-dev - Stored XSS in Multi Select Dialog result rendering 24.06.2026
CVE-2026-50709 Frappe Framework 17.0.0-dev - Stored XSS in Notifications Events color rendering 24.06.2026
CVE-2026-50710 Frappe Framework 17.0.0-dev - Stored XSS via eval in Number Card filters_config 24.06.2026
CVE-2026-50711 Frappe Framework 17.0.0-dev - Stored XSS in Number Card filter fields rendering 24.06.2026
CVE-2026-50712 Frappe Framework 17.0.0-dev - Stored XSS in Tree View node label rendering 24.06.2026
CVE-2026-55488 motionEye's Absolute Path Traversal in Media File Handlers Allows Arbitrary File Read 24.06.2026
CVE-2026-56111 Marlin Firmware 2.1.2.7 Out-of-Bounds Write via M421 G-code Handler 24.06.2026
CVE-2026-56118 24.06.2026
CVE-2026-56119 24.06.2026
CVE-2026-56121 Feast < 0.63.0 Unauthenticated RCE via ApplyFeatureView gRPC Deserialization 24.06.2026
CVE-2026-11877 Missing Authorization Vulnerability in OpenText Access Manager 24.06.2026
CVE-2026-11878 Reflected Cross-Site Scripting vulnerability in OpenText Access Manager 24.06.2026
CVE-2026-12986 24.06.2026
CVE-2026-50698 Frappe Framework 17.0.0-dev - Stored XSS in Audit Trail template rendering 24.06.2026
CVE-2026-50699 Frappe Framework 17.0.0-dev - Stored XSS in Auto Repeat dashboard schedule rendering 24.06.2026
CVE-2026-12537 Unauthenticated Remote Code Execution in Gemini CLI CI/CD Workflows 24.06.2026
CVE-2026-29034 24.06.2026
CVE-2026-35025 ProFTPD ACL Bypass via /proc/self/root Path Prefix in RNFR 24.06.2026
CVE-2026-42450 OpenColorIO vulnerable to stack buffer overflow via unbounded `sscanf %s` in Spi3D (.spi3d) LUT parser 24.06.2026
CVE-2026-57280 24.06.2026
CVE-2026-57281 24.06.2026
CVE-2026-57282 24.06.2026
CVE-2026-57283 24.06.2026
CVE-2026-57284 24.06.2026
CVE-2026-57285 24.06.2026
CVE-2026-57286 24.06.2026
CVE-2026-57287 24.06.2026
CVE-2026-57288 24.06.2026
CVE-2026-57289 24.06.2026
CVE-2026-57290 24.06.2026
CVE-2026-57291 24.06.2026
CVE-2026-57292 24.06.2026
CVE-2026-57293 24.06.2026
CVE-2026-57294 24.06.2026
CVE-2026-57295 24.06.2026
CVE-2026-57296 24.06.2026
CVE-2026-57297 24.06.2026
CVE-2026-57298 24.06.2026
CVE-2026-57299 24.06.2026
CVE-2026-57300 24.06.2026
CVE-2026-57301 24.06.2026
CVE-2026-57302 24.06.2026
CVE-2026-57303 24.06.2026
CVE-2026-57304 24.06.2026
CVE-2026-57305 24.06.2026
CVE-2026-57306 24.06.2026
CVE-2026-57307 24.06.2026
CVE-2026-12242 AdRotate Banner Manager <= 5.17.7 - Authenticated (Contributor+) PHP Code Injection via 'banner' Shortcode Attribute 24.06.2026 8.8
CVE-2026-13163 Lack of input validation in Mailerup input parameter leads to Open Redirect 24.06.2026
CVE-2025-71332 Flowise - SQL Injection in importChatflows API via chatflow.id Parameter 24.06.2026
CVE-2025-71354 picklescan - Remote Code Execution via idlelib.debugobj.ObjectTreeItem.SetText 24.06.2026
CVE-2025-71361 picklescan - Remote Code Execution via Undetected idlelib.calltip.Calltip.fetch_tip 24.06.2026
CVE-2026-13140 Stored Cross-Site Scripting in Canarytokens.org 24.06.2026
CVE-2026-56223 Capgo - Account Takeover via Cross-Domain SSO Email Assertion in provision-user 24.06.2026
CVE-2026-56231 Capgo - Broken Object Level Authorization in Build Job Control via jobId Parameter 24.06.2026
CVE-2026-56232 Capgo - Subkey Scope Bypass in middlewareKey via x-limited-key-id Header 24.06.2026
CVE-2026-56237 Capgo - Unauthenticated API Key Generation via Client-Side Parameter Manipulation 24.06.2026
CVE-2026-56244 Capgo - Webhook Signing Secret Disclosure via Non-Admin API Key 24.06.2026
CVE-2026-56245 Supabase Capgo - Unauthenticated Cross-Tenant Build-Time Accounting Poisoning via record_build_time RPC 24.06.2026
CVE-2026-56256 Capgo - Two-Factor Authentication Bypass via Organization Management API 24.06.2026
CVE-2026-56257 Capgo - Authorization Bypass in App Ownership Transfer via Direct PostgREST Update 24.06.2026
CVE-2026-56262 Crawl4AI - Unauthenticated Access to Monitor Endpoints via Docker API Server 24.06.2026
CVE-2026-56269 Flowise - Weak Default Token Hash Secret in JWT Token Encryption 24.06.2026
CVE-2026-56270 Flowise - Unauthenticated OAuth Secrets Disclosure via /api/v1/loginmethod Endpoint 24.06.2026
CVE-2026-56272 Flowise - Insufficient Password Salt Rounds in Bcrypt Hashing 24.06.2026
CVE-2026-56302 Capgo - Unsecured Supabase Images Bucket via Missing Row Level Security 24.06.2026
CVE-2026-56310 Cap-go - Authorization Bypass in Organization Members Endpoint via API Key Scope Bypass 24.06.2026
CVE-2026-56337 Capgo - Information Disclosure via Unauthenticated RPC Function exist_app_v2 24.06.2026
CVE-2026-56338 Capgo - Denial of Service in 2FA Email Verification via /auth/v1/otp Endpoint 24.06.2026
CVE-2026-56351 n8n - SQL Injection in MySQL, PostgreSQL, and Microsoft SQL Nodes 24.06.2026
CVE-2026-56358 n8n - Stored Cross-Site Scripting in Form Trigger Node 24.06.2026
CVE-2026-56368 ImageMagick - Memory Leak in Raw Pixel Data Coders 24.06.2026
CVE-2026-56370 ImageMagick - Out-of-bounds Access in ConnectedComponentsImage via connected-components Artifact 24.06.2026
CVE-2026-56761 hono - HTML Injection via Improper JSX Attribute Name Handling in SSR 24.06.2026
CVE-2026-13150 SSRF in Pentestify PDF generation endpoint via Host header 24.06.2026
CVE-2026-11968 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') in TortoiseGit 24.06.2026 5.5
CVE-2026-52943 net: skbuff: fix missing zerocopy reference in pskb_carve helpers 24.06.2026
CVE-2026-52944 ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE 24.06.2026
CVE-2026-10745 24.06.2026
CVE-2026-52912 netfilter: nf_queue: hold bridge skb->dev while queued 24.06.2026
CVE-2026-52913 batman-adv: v: stop OGMv2 on disabled interface 24.06.2026
CVE-2026-52914 batman-adv: fix fragment reassembly length accounting 24.06.2026
CVE-2026-52915 netfilter: ip6t_hbh: reject oversized option lists 24.06.2026
CVE-2026-52916 batman-adv: frag: disallow unicast fragment in fragment 24.06.2026
CVE-2026-52917 sctp: diag: reject stale associations in dump_one path 24.06.2026
CVE-2026-52918 Bluetooth: serialize accept_q access 24.06.2026
CVE-2026-52919 batman-adv: fix tp_meter counter underflow during shutdown 24.06.2026
CVE-2026-52920 netfilter: xt_policy: fix strict mode inbound policy matching 24.06.2026
CVE-2026-52921 netfilter: ipset: stop hash:* range iteration at end 24.06.2026
CVE-2026-52922 batman-adv: dat: handle forward allocation error 24.06.2026
CVE-2026-52923 ipc: limit next_id allocation to the valid ID range 24.06.2026
CVE-2026-52924 sctp: purge outqueue on stale COOKIE-ECHO handling 24.06.2026
CVE-2026-52925 vrf: Fix a potential NPD when removing a port from a VRF 24.06.2026
CVE-2026-52926 batman-adv: clear current gateway during teardown 24.06.2026
CVE-2026-52927 netfilter: ebtables: fix OOB read in compat_mtw_from_user 24.06.2026
CVE-2026-52928 af_unix: Reject SIOCATMARK on non-stream sockets 24.06.2026
CVE-2026-52929 sctp: stream: fully roll back denied add-stream state 24.06.2026
CVE-2026-52930 ipc/shm: serialize orphan cleanup with shm_nattch updates 24.06.2026
CVE-2026-52931 batman-adv: tp_meter: avoid use of uninit sender vars 24.06.2026
CVE-2026-52932 xfrm: ipcomp: Free destination pages on acomp errors 24.06.2026
CVE-2026-52933 io_uring/poll: fix signed comparison in io_poll_get_ownership() 24.06.2026
CVE-2026-52934 batman-adv: tvlv: reject oversized TVLV packets 24.06.2026
CVE-2026-52935 xfrm: espintcp: do not reuse an in-progress partial send 24.06.2026
CVE-2026-52936 crypto: jitterentropy - replace long-held spinlock with mutex 24.06.2026
CVE-2026-52937 tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR 24.06.2026
CVE-2026-52938 bpf: Fix NULL pointer dereference in bpf_sk_storage_clone and diag paths 24.06.2026
CVE-2026-52939 net/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion 24.06.2026
CVE-2026-52940 tun: zero the whole vnet header in tun_put_user() 24.06.2026
CVE-2026-52941 net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint 24.06.2026
CVE-2026-52942 netfilter: nf_log: validate MAC header was set before dumping it 24.06.2026
CVE-2026-56052 WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.5 - SQL Injection vulnerability 24.06.2026 7.6
CVE-2026-7761 Ultimate Member <= 2.11.4 - Authenticated (Contributor+) Account Takeover via Password Reset Link Disclosure 24.06.2026 8.8
CVE-2026-10091 Email JavaScript Cloak <= 1.03 - Unauthenticated Stored Cross-Site Scripting 24.06.2026 7.2
CVE-2026-10092 Cincopa video and media plug-in <= 1.163 - Unauthenticated Stored Cross-Site Scripting via cincopa Shortcode in Post Comments 24.06.2026 7.2
CVE-2026-10531 AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute 24.06.2026
CVE-2026-10552 Blue Captcha <= 2.0.1 - Cross-Site Request Forgery via 'blcap_action' Parameter 24.06.2026 4.3
CVE-2026-10735 ShapedPlugin Multiple Pro Plugins - Backdoor via Compromised Vendor Update Server 24.06.2026
CVE-2026-10749 Post Duplicator < 3.0.15 - Contributor+ PHP Object Injection via customMetaData 24.06.2026
CVE-2026-10753 Site Kit by Google < 1.176.0 - Editor+ Email Reporting Settings Update 24.06.2026
CVE-2026-11370 WP Meta SEO <= 4.5.18 - Authenticated (Contributor+) Server-Side Request Forgery via 'new_link' Parameter 24.06.2026 6.4
CVE-2026-11997 Bulk SEO Image <= 1.1 - Cross-Site Request Forgery to Settings Update 24.06.2026 4.3
CVE-2026-12094 Advanced Contact Form 7 <= 1.0.0 - Missing Authorization to Unauthenticated Arbitrary Contact Form Submission Deletion via 'form_id' Parameter 24.06.2026 5.3
CVE-2026-12095 Kargo Takip <= 1.2 - Unauthenticated Server-Side Request Forgery via 'api_url' Parameter 24.06.2026 7.2
CVE-2026-12100 URL Preview <= 1.0 - Unauthenticated Server-Side Request Forgery via 'url' Parameter 24.06.2026 7.2
CVE-2026-12416 Invoice Generator <= 1.0.0 - Unauthenticated Account Takeover via Weak Password Reset Validation via 'reset_user_id' Parameter 24.06.2026 9.8
CVE-2026-12417 SignUp & SignIn <= 1.0.0 - Unauthenticated Privilege Escalation via Weak Password Reset Validation via 'reset_activation_code' Leading to Account Takeover 24.06.2026 9.8
CVE-2026-13006 Incomplete protection against CVE-2025-11226 24.06.2026
CVE-2026-4297 Welcome Software Publishing <= 0.0.31 - Authenticated (Subscriber+) Arbitrary Options Update to Privilege Escalation via 'nc.setOption' XML-RPC Method 24.06.2026 8.8
CVE-2026-6292 MP Customize Login Page <= 1.0 - Cross-Site Request Forgery to Settings Update 24.06.2026 4.3
CVE-2026-7617 Secufor_OAuth <= 1.0.7 - Missing Authorization to Unauthenticated Account Logout via 'secuforoauth_unregister_action' AJAX Action 24.06.2026 5.3
CVE-2026-8614 Assistio <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Plugin Settings Deletion via assistio_plugin_delete_assistio_settings AJAX Action 24.06.2026 4.3
CVE-2026-8617 SearchPlus <= 1.7.1 - Missing Authorization to Unauthenticated Settings Modification and Deletion via searchplus_save_token & searchplus_reset_token AJAX Actions 24.06.2026 5.3
CVE-2026-8622 Image Sizes on Demand <= 1.3 - Reflected Cross-Site Scripting via PHP_SELF Server Variable 24.06.2026 6.1
CVE-2026-8628 EntreDroppers <= 1.1.2 - Reflected Cross-Site Scripting via PHP_SELF Parameter 24.06.2026 6.1
CVE-2026-8688 Advance Nav Menu Manager <= 1.3 - Missing Authorization to Authenticated (Subscriber+) Nav Menu Item Modification via anmm_save_menu_data AJAX Action 24.06.2026 4.3
CVE-2026-8690 RentMy Real-Time Rental Management Plugin <= 4.0.4.1 - Missing Authorization to Unauthenticated Settings Update via rentmy_cdn_request AJAX Action 24.06.2026 5.3
CVE-2026-8705 ClearSale Total <= 3.4.2 - Unauthenticated SQL Injection 24.06.2026 7.5
CVE-2026-8865 Avalon23 Products Filter for WooCommerce <= 1.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes 24.06.2026 6.4
CVE-2026-8896 MIR blocks and shortcodes <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes 24.06.2026 6.4
CVE-2026-8905 Osiris Signature Banner <= 0.5 - Cross-Site Request Forgery to Stored Cross-Site Scripting via 'prepend_text' Parameter 24.06.2026 6.1
CVE-2026-9172 Devs Accounting <= 1.2.0 - Missing Authorization to Unauthenticated Account Deletion via /delete-account/ REST Endpoint 24.06.2026 5.3
CVE-2026-9175 Devs Accounting <= 1.2.0 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'id' Parameter 24.06.2026 5.3
CVE-2026-9178 WP Forms Connector <= 1.8 - Missing Authorization to Unauthenticated Information Exposure via 'user/list' REST Endpoint 24.06.2026 7.5
CVE-2026-9179 WP Forms Connector <= 1.8 - Unauthenticated SQL Injection via 'order' Parameter 24.06.2026 7.5
CVE-2026-9183 24liveblog <= 2.2 - Authenticated (Contributor+) Exposure of Sensitive Information via Block Editor Script Localization 24.06.2026 4.3
CVE-2026-9184 24liveblog <= 2.2 - Missing Authorization to Authenticated (Author+) Settings Modification via update_lb24_token AJAX action 24.06.2026 4.3
CVE-2026-9612 WhatsOrder <= 1.0.1 - Unauthenticated Sensitive Information Exposure via Predictable Invoice File URLs 24.06.2026 5.3
CVE-2026-9616 Generate Security.txt <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Security.txt Deletion via delete_securitytxt AJAX Action 24.06.2026 4.3
CVE-2026-9619 Reviews and Rating <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via sync_reviews AJAX Action 24.06.2026 4.3
CVE-2026-9620 WP Latest Posts <= 5.0.11 - Authenticated (Author+) Stored Cross-Site Scripting via Post Content Image src Attribute 24.06.2026 6.4
CVE-2026-9643 WP Meta SEO <= 4.5.18 - Unauthenticated Stored Cross-Site Scripting via REQUEST_URI in 404 Logging 24.06.2026 7.2
CVE-2026-9709 Themeco Cornerstone < 7.8.9 (Premium, bundled with X Theme) - Subscriber+ Arbitrary User Meta Disclosure 24.06.2026
CVE-2026-9710 Themeco Cornerstone < 7.8.8 (Premium, bundled with X Theme) - Subscriber+ Arbitrary User Password Hash Disclosure 24.06.2026
CVE-2026-9721 Book a Room Event Calendar <= 1.9 - Cross-Site Request Forgery to Settings Update 24.06.2026 4.3
CVE-2026-9724 MotorDesk <= 1.1.2 - Cross-Site Request Forgery to Settings Update 24.06.2026 4.3
CVE-2026-12485 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12486 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-12488 GeoVision GV-VMS V20 GV-Cloud memory corruption vulnerability 24.06.2026 6.2
CVE-2026-12846 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12847 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12848 GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command 24.06.2026 10
CVE-2026-12849 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-12850 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-12851 GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability 24.06.2026 9.1
CVE-2026-9539 libslirp TCP URG OOB Read Information Leak 24.06.2026 6.5
CVE-2026-11614 Xpro Addons <= 1.7.2 - Authenticated (Author+) Stored Cross-Site Scripting via 'custom_attributes' Parameter of Multiple Widgets 24.06.2026 6.4
CVE-2026-3652 ARForms <= 7.1.3 - Unauthenticated Stored Cross-Site Scripting via 'value' Parameter 24.06.2026 7.2
CVE-2026-12681 24.06.2026
CVE-2026-54639 Style Dictionary - Prototype Pollution in convertTokenData utility function 24.06.2026 8.8
CVE-2026-5818 MCU Firmware Update Authentication Bypass on Caliptra Core 24.06.2026
CVE-2026-6458 AES-256-GCM Authentication Tag Does Not Cover First Ciphertext Blocks When AAD Is Empty 24.06.2026
CVE-2026-7574 Anthropic Claude Desktop Cowork VM Image Contents Not Validated Before Use 24.06.2026 8.7
CVE-2026-11972 tarfile opened in streaming mode mishandles EOF 24.06.2026
CVE-2026-12163 Stored XSS in Fortra File Integrity Monitoring (FIM) 23.06.2026 5.5
CVE-2026-12164 Privilege Escalation in Fortra File Integrity Monitoring (FIM) 24.06.2026 4.4
CVE-2026-47693 Poweradmin: CSV Injection in log export endpoints allows formula execution in spreadsheet applications 24.06.2026 6.9
CVE-2026-48493 Snipe-IT Vulnerable to Privilege Escalation for self via API Permissions Assignment 23.06.2026 5.5
CVE-2026-54588 Poweradmin has Host Header Injection in OIDC redirect_uri, SAML ACS/SLO URL, and Logout Redirect Construction. 24.06.2026 9.6
CVE-2026-56785 FlatPress - Stored Cross-Site Scripting via Unescaped Comment and Contact Form Fields 24.06.2026
CVE-2026-54518 jackson-databind: @JsonView bypass for unwrapped creator parameters in jackson-databind 23.06.2026 6.5
CVE-2026-41862 24.06.2026 8.8
CVE-2026-46547 NocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URL 23.06.2026 6.1
CVE-2026-46548 NocoDB: SSRF Protection Bypass in Notification Webhook Plugins (Slack, Discord, Mattermost, Teams) 24.06.2026 4.3
CVE-2026-46549 NocoDB: OAuth Token Scope Not Enforced at ACL Layer Allows Scope Escalation 24.06.2026 2
CVE-2026-46550 NocoDB: Refresh Token Cookie Set Without `Secure` and `SameSite` Flags 23.06.2026 5.4
CVE-2026-46551 NocoDB: Missing File Size Enforcement in Upload-by-URL Allows Denial of Service via Disk Exhaustion 24.06.2026 6.5
CVE-2026-46552 NocoDB: Shared-base link access can invite arbitrary users as persistent base members 24.06.2026 5.8
CVE-2026-46553 NocoDB: Attachment Size Limit Bypass via Upload-by-URL 23.06.2026
CVE-2026-46554 NocoDB: Stale Auth Cache After API Token Deletion 24.06.2026
CVE-2026-47279 NocoDB: Hidden LTAR Column Exposure in Public Shared-View Relation Endpoints 24.06.2026
CVE-2026-47375 NocoDB: Postgres SQL Injection in Formula `ARRAYSORT` 23.06.2026 6
CVE-2026-47376 NocoDB: Reflected Cross-Site Scripting via Password Reset Token 24.06.2026
CVE-2026-47377 NocoDB: Open Redirect via Hash Fragment in hashRedirect Plugin 24.06.2026
CVE-2026-47378 NocoDB: Hidden Column Exposure in Public Shared View Endpoints 23.06.2026
CVE-2026-47380 NocoDB: User Enumeration via Sign-In Timing 24.06.2026
CVE-2026-47382 NocoDB: Server-Side Request Forgery via Database Connection Host 24.06.2026
CVE-2026-50193 jackson-databind: Deeply nested JsonNode throws StackOverflowError for toString() 23.06.2026
CVE-2026-54512 jackson-databind: PolymorphicTypeValidator bypass via generic type parameters allows arbitrary class instantiation 24.06.2026 8.1
CVE-2026-54513 jackson-databind: Array subtype allowlist bypass in BasicPolymorphicTypeValidator (allowIfSubTypeIsArray) 24.06.2026 8.1
CVE-2026-54514 jackson-databind: InetSocketAddress deserialization triggers eager DNS resolution (SSRF) 23.06.2026 5.3
CVE-2026-54515 jackson-databind: Case-insensitive deserialization bypasses per-property @JsonIgnoreProperties 24.06.2026 5.3
CVE-2026-54516 jackson-databind: Renamed @JsonIgnore'd setters can deserialize via private fields 24.06.2026 5.3
CVE-2026-54517 jackson-databind: @JsonView bypass for setterless creator properties 23.06.2026 5.3
CVE-2026-56120 23.06.2026
CVE-2025-64105 FOSSBilling: IDOR Vulnerability in Support Ticket Creation 24.06.2026
CVE-2026-11807 Eda-server: websocket missing authorization allows credential theft via activation_id spoofing 24.06.2026
CVE-2026-11819 Community.general: community.general keyring_info — os keyring passphrase returned in plaintext 24.06.2026
CVE-2026-11820 Community.general: community.general nexmo — api credentials exposed in get url query string 24.06.2026
CVE-2026-12112 Foreman-mcp-server: mcp server: active session hijacking via insecure session state reuse 24.06.2026
CVE-2026-12891 Gstreamer1-plugins-bad: gstreamer1-plugins-bad: global buffer overflow (oob read) in h.266/vvc vui parameter parser 24.06.2026
CVE-2026-12892 Gstreamer1-plugins-bad: gstreamer1-plugins-bad: 1-byte heap out-of-bounds read in h.264 nal extension slice parser 24.06.2026
CVE-2026-23513 FOSSBilling: Broken Authorization in Client Transaction and Order Listings 23.06.2026
CVE-2026-47379 NocoDB: Plaintext Password Comparison in Shared Views 24.06.2026
CVE-2026-47381 NocoDB: Cross-Workspace Integration Use in Connection Test 24.06.2026
CVE-2026-47383 NocoDB: Stored Cross-Site Scripting via Row Comments 23.06.2026
CVE-2026-47384 NocoDB: SQL Injection via Column Title in Bulk GroupBy 24.06.2026
CVE-2026-47385 NocoDB: Path Traversal via SQLite Source Filename 24.06.2026
CVE-2026-47386 NocoDB: OAuth Authorization Code Race Condition 23.06.2026
CVE-2026-47387 NocoDB: Stored Cross-Site Scripting via Form View Redirect URL 24.06.2026
CVE-2026-47388 NocoDB: Missing Ownership Check in MCP Attachment Read 24.06.2026
CVE-2026-53926 NocoDB: OAuth Tokens Persist Through Security Events 23.06.2026
CVE-2026-53927 NocoDB: Server-Side Request Forgery via Spreadsheet Fetch URL 24.06.2026
CVE-2026-53928 NocoDB: Refresh Tokens Persist Through Password Recovery 24.06.2026
CVE-2026-53929 NocoDB: Stored Cross-Site Scripting via Secure Attachment 23.06.2026
CVE-2026-53930 NocoDB: Server-Side Request Forgery via Base Migration URL 24.06.2026
CVE-2026-53931 NocoDB: Server-Side Request Forgery via Spreadsheet Import Endpoint 24.06.2026
CVE-2026-9073 Foreman-mcp-server: mcp server: insecure sensitive http header sanitization 24.06.2026
CVE-2026-39253 23.06.2026
CVE-2026-45792 RTK improperly trusts project-local filter configuration, allowing silent tampering of command output shown to LLM 23.06.2026
CVE-2026-48020 Traefik StripPrefix Route-Level Auth Bypass via Path Normalization 24.06.2026
CVE-2026-48491 Traefik: SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass 24.06.2026
CVE-2026-53622 Traefik: HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case hosts 23.06.2026
CVE-2026-54325 Pi loads project-local extensions without approval 23.06.2026 4.4
CVE-2026-54326 Pi: Potential XSS in HTML session exports via Markdown URL sanitization bypass 24.06.2026 2.5
CVE-2026-54327 Pi: Race condition in auth.json writes could expose stored credentials 23.06.2026 2.2
CVE-2026-54328 Pi: Predictable temporary extension install paths allow local privilege escalation on shared Linux hosts 24.06.2026 7.3
CVE-2026-54555 rtk: Permission-gate bypass in rtk rewrite auto-allow via unsplit shell separators 24.06.2026 7.8
CVE-2026-54761 Traefik: Kubernetes Gateway crossProviderNamespaces bypass allows HTTPRoute outside the allowlist to expose internal Traefik services 23.06.2026
CVE-2026-54762 Traefik Kubernetes Ingress NGINX provider fails open when auth-secret resolution fails 24.06.2026
CVE-2026-53753 Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API 23.06.2026 9.8
CVE-2026-53754 Crawl4AI: SSRF filter bypass in Docker server via IPv6 transition forms (NAT64 / 6to4 / unspecified / v4-mapped) 23.06.2026 7.5
CVE-2026-53755 Crawl4AI: SSRF via proxy settings in the Docker server bypasses the crawl-URL SSRF check 23.06.2026 8.6
CVE-2026-54319 Daytona: Path traversal in sandbox volume id mounts arbitrary host paths into the sandbox — cross-tenant data access and host escape 24.06.2026 4.2
CVE-2026-54320 Daytona: Cross-tenant organization takeover via invitation acceptance with an unverified email 24.06.2026 8.4
CVE-2026-54321 Daytona: Public sandbox previews remain accessible for up to one hour after being made private 23.06.2026 7
CVE-2026-54322 Daytona: Cross-org IDOR in organization role update/delete — any org owner can rewrite or destroy another org's roles 23.06.2026 7.7
CVE-2026-55249 @rtk-ai/rtk-rewrite: OpenClaw Rewrite Plugin Command Injection via execSync Template String 23.06.2026 6.3
CVE-2026-55736 Private action arguments can be set by user input in Ash 23.06.2026
CVE-2020-9695 Acrobat Reader | Out-of-bounds Write (CWE-787) 24.06.2026 7.8
CVE-2020-9711 Acrobat Reader | Out-of-bounds Read (CWE-125) 23.06.2026 5.5
CVE-2020-9713 Acrobat Reader | Out-of-bounds Read (CWE-125) 23.06.2026 5.5
CVE-2026-0864 Configuration Injection via Carriage Return (\r) in write() method 24.06.2026
CVE-2026-45135 Caddy: Unsafe Unicode Handling in FastCGI splitPos Allows Execution of Non-PHP Files 23.06.2026 8.1
CVE-2026-45692 Caddy: Remote Admin Authorization Bypass in `/config` API via Array Index Normalization 23.06.2026 5.4
CVE-2026-52844 Caddy: Windows `file_server` path authorization bypass via encoded backslash 23.06.2026 7.5
CVE-2026-52845 Caddy: FastCGI header normalization bypass in `forward_auth copy_headers` 24.06.2026 8.1
CVE-2026-52846 Caddy: stripHTML template function bypass 23.06.2026 4.2
CVE-2026-53662 immich: One-click account takeover via XSS in login page continue redirect 23.06.2026 9.6
CVE-2026-54157 LobeHub: Unauthenticated SSRF in `/webapi/proxy` 23.06.2026 9
CVE-2026-54317 Home Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthenticated actors on the LAN 23.06.2026 7.6
CVE-2026-54318 Home Assistant: Exported BroadcastReceiver allows local apps to spoof device location 24.06.2026 7.1
CVE-2026-54323 Daytona: Git credential leak via git clone with TLS verification disabled 24.06.2026 5.9
CVE-2026-54324 Daytona: Cross-tenant data leak in notification WebSocket gateway via unverified organizationId join 23.06.2026 6.5
CVE-2025-71382 MuPDF < 1.27.0-rc1 Stack Exhaustion DoS via EPUB CSS Rendering 23.06.2026
CVE-2026-44726 Deno: TLS retry copies stale upgrade hook, risking plaintext traffic 24.06.2026 7.4
CVE-2026-49401 Deno Permission Bypass via Unicode Normalization Mismatch on macOS (APFS) 23.06.2026 7.3
CVE-2026-49402 Deno: Command Injection via spawnSync & spawn on Windows 23.06.2026 8.1
CVE-2026-49406 Deno: BYONM module resolution allows `package.json` main path traversal to bypass `--allow-read` restrictions 23.06.2026 5.5
CVE-2026-49411 Deno Node TCPWrap numeric hostname aliases bypass --deny-net resolved-IP deny checks 23.06.2026 6.5
CVE-2026-55517 Deno: Denial of service via non-ASCII bytes in WebSocket response headers 23.06.2026 4.3
CVE-2026-57062 23.06.2026 2.9