55910 matches found
EUVD-2026-42910
In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible...
CVE-2026-38059
The CVE-2026-38059 entry concerns iDirect iQ200 devices where the /api/identity and /api/ REST endpoints are exposed without authentication. An unauthenticated attacker with network access can retrieve sensitive device data including serial number, Device ID (DID), Terminal Private Key (TPK) iden...
CVE-2026-22659
FlaskBB up to version 2.2.0 is vulnerable to an authorization bypass. The issue arises when an attacker manipulates a batch request with crafted topic ID lists, causing a low-ID topic from a permitted forum to be used as an anchor and bypass the permission check applied only to the first result. ...
CVE-2026-40454
creationtimestamp| type| source ---|---|--- 2026-07-10 11:11:00+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbz7ub5sf2f 2026-07-10 12:15:35+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40454 2026-07-10 13:34:44+00:00| seen|...
CVE-2026-59724
A flaw was found in Engine.IO. When Engine.IO servers have WebTransport enabled, a remote attacker can craft a session ID to resolve an inherited property of the clients object during WebTransport upgrade handling. This can lead to a TypeError, resulting in a denial of service DoS for the server...
CVE-2026-14475
The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
GHSA-5QWX-4Q7J-HWM2 vulnerabilities
Vulnerabilities for packages: linux-gcp...
GHSA-X6W2-JPMX-X267 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-RJCX-5J87-VP95 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-MCCM-G2CW-25J9 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-13785 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-X454-5847-5CWH vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-V598-MR98-5866 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-2M65-XXR3-MHCV vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-14008 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-14475 Cookie Banner for GDPR / CCPA <= 4.3.6 - Authenticated (Administrator+) SQL Injection via 'scan_id' Parameter
The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
CVE-2026-14475
The CVE-2026-14475 entry relates to the WordPress plugin “WPLP Cookie Consent” (GDPR/CCPA banner) with a SQL Injection vulnerability via the scan_id parameter in all versions up to 4.3.6. The root cause is insufficient escaping of the user-supplied parameter and inadequate preparation of the exis...
EUVD-2026-42844
The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
CVE-2026-15284
The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formpageid' parameter in versions up to, and including, 51.1.62 This is due to insufficient input sanitization in the addtosubmissions function, which applies sanitizetextfield which preserves...
EUVD-2026-42798
The Booking calendar, Appointment Booking System plugin for WordPress is vulnerable to time-based SQL Injection via the ‘wpdevartid’ parameter in all versions up to, and including, 3.2.17 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existin...