CVE-2026-47202

Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated threat actor to request a JWT for any user including admins given knowledge of their username. This vulnerability is fixed in 0.9.0.2...

CVE-2026-44314

Traccar is an open source GPS tracking system. Prior to 6.13.0, DeviceResource.uploadImage authorizes the target device only through Condition.PermissionUser.class, getUserId, Device.class and then immediately streams the uploaded body into mediaManager.createFileStream.... Unlike the generic...

CVE-2026-6898

The Wishlist Member plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'WishListMember3Hooks::generateapikey' function in all versions up to, and including, 3.30.1. This makes it possible for authenticated attackers, with...

Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover

Exploit Title: Wordpress Temporary Login Plugin 1.0.0 - 'temp-login-token' Authentication Bypass to Account Takeover Date: 2026-05-02 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://wordpress.org Software Link: https://downloads.wordpress.org/plugin/temporary-login.1.0.0.zip Versio...

Exploit for CVE-2012-1803

CVE-2012-1803 Critical vulnerability in Siemens Rugge...

CVE-2026-8652

CVE-2026-8652 describes an OS Command Injection in the product Aterm . The issue allows an attacker who already has administrator access to the product’s web console to execute arbitrary OS commands via the adjacent network, enabling high-severity impact on confidentiality, integrity, and availab...

PT-2026-42873

Name of the Vulnerable Software and Affected Versions Arcane versions prior to 1.19.2 Description The "PUT /api/environments/id/templates/variables" endpoint, used to write the system-wide .env.global file for variable substitution in project compose files, lacks an admin authorization check. Any...

UserSpice 跨站脚本漏洞

UserSpice is an open-source PHP framework for user management and identity authentication developed by UserSpice. Version 4.3.24 of userSpice contains a cross-site scripting vulnerability. This vulnerability stems from the injection of malicious scripts through the X-Forwarded-For HTTP header,...

CVE-2026-40166

authentik contains an elevation of privilege in its OAuth2 access_tokens API (GET /api/v3/oauth2/access_tokens/) where authenticated non-admin users with at least one OAuth2 access token can retrieve the client_secret of confidential providers they previously authenticated against. This exposed i...

CVE-2026-40166 authentik: Non-admin user can retrieve confidential OAuth client_secret via /api/v3/oauth2/access_tokens/

authentik is an open-source identity provider. In versions prior to 2025.12.5 and 2026.2.0-rc1 through 2026.2.2, authenticated non-admin users with at least one OAuth2 access token can retrieve the clientsecret of confidential OAuth2 providers they have previously authenticated against, exposing...

CVE-2021-21508

Dell VxRail: Affected versions before 7.0.200 store passwords in plain text within VxRail Manager, enabling a sys-admin to disclose credentials and access the vulnerable app with the compromised account’s privileges. Impact is credential exposure with high confidentiality and integrity risk (per ...

CVE-2026-8381 Broken Access Control in TeamViewer DEX Platform (On Premises)

A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...

PT-2026-42736

A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...

CVE-2026-8245

Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection. Concrete\Core\Legacy\Pagination builds pagination links by raw-interpolating its $URL field into href="" . Any authenticated admin or report viewer with access to...

CVE-2026-47102

LiteLLM prior to 1.83.10 allows a user to modify their own userrole via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxyadmin...

CVE-2026-8245 Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection

Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection. Concrete\Core\Legacy\Pagination builds pagination links by raw-interpolating its $URL field into href="" . Any authenticated admin or report viewer with access to...

CVE-2026-8245

Concrete CMS 9.5.0 and below is vulnerable to Reflected XSS in Legacy Pagination via HTML attribute injection. Concrete\Core\Legacy\Pagination builds pagination links by raw-interpolating its $URL field into href="" . Any authenticated admin or report viewer with access to...

CVE-2026-47102 LiteLLM < 1.83.10 Privilege Escalation via User Update

LiteLLM prior to 1.83.10 allows a user to modify their own userrole via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxyadmin...

CVE-2026-34926

A directory traversal vulnerability in the Apex One on-premise server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex...

CVE-2026-34926

A directory traversal vulnerability in the Apex One on-premise server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. This vulnerability is only exploitable on the on-premise version of Apex...