EUVD-2026-1556

Missing Authorization vulnerability in Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Aruba HiSpeed Cache: from n/a through 3.0.3...

EUVD-2026-1558

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TMRW-studio Atlas atlas allows PHP Local File Inclusion.This issue affects Atlas: from n/a through = 2.1.0...

EUVD-2026-1559

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeMove Moody tm-moody allows PHP Local File Inclusion.This issue affects Moody: from n/a through = 2.7.3...

EUVD-2026-1536

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins Real Estate Pro real-estate-pro allows Reflected XSS.This issue affects Real Estate Pro: from n/a through = 2.1.4...

EUVD-2026-1586

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the getorderbyid function in all versions up to, and including, 3.9.3. This makes it possible for authenticated attackers, with...

EUVD-2026-1450

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script...

EUVD-2026-1505

An issue was discovered in the AppConnector component version 10.10.0.183 and earlier of enaio 10.10, in the AppConnector component version 11.0.0.183 and earlier of enaio 11.0, and in the AppConnctor component version 11.10.0.183 and earlier of enaio 11.10. The vulnerability allows authenticated...

EUVD-2026-1446

KAYSUS KS-WR1200 routers with firmware 107 expose SSH and TELNET services on the LAN interface with hardcoded root credentials root:12345678. The administrator cannot disable these services or change the hardcoded password. Changing the management GUI password does not affect SSH/TELNET...

EUVD-2026-1168

Panda3D versions up to and including 1.10.16 egg-mkfont contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern -gp into a fixed-size stack buff...

EUVD-2026-1175

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39...

EUVD-2026-1176

Inefficient Regular Expression Complexity vulnerability in Wikimedia Foundation MediaWiki - VisualData Extension allows Regular Expression Exponential Blowup.This issue affects MediaWiki - VisualData Extension: 1.45...

EUVD-2026-1203

The absence of permissions control for the user XXX allows the current configuration in the sudoers file to escalate privileges without any restrictions...

EUVD-2026-1211

An attacker with access to the system's internal network can cause a denial of service on the system by making two concurrent connections through the Telnet service...

EUVD-2026-1205

In HCL DevOps Deploy 8.1.2.0 through 8.1.2.3, a user with LLM configuration privileges may be able to recover a credential previously saved for performing authenticated LLM Queries...

EUVD-2026-1218

The massive sending of ARP requests causes a denial of service on one board of the charger that allows control of the EV interfaces. Since the board must be operating correctly for the charger to also function correctly...

EUVD-2026-1239

EUVD-2026-1239...

EUVD-2026-1232

Not used...

EUVD-2026-1238

Not used...

EUVD-2026-1236

Not used...

EUVD-2026-1252

EUVD-2026-1252...