3347 matches found
CVE-2026-59926
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, renderadmonition in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without escaping, allowing attribute injection and cross-site scripting even...
PT-2026-56512
Name of the Vulnerable Software and Affected Versions Mistune versions prior to 3.3.0 Description The safe url filter in src/mistune/renderers/html.py fails to block several legacy or chained URI schemes. While it restricts javascript:, vbscript:, file:, and data:, it allows schemes such as feed:...
WordPress Kitchor theme <= 1.4.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Kitchor versions = 1.4.3...
WordPress Aalto theme <= 1.8 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Aalto versions = 1.8...
PT-2026-54920
Name of the Vulnerable Software and Affected Versions Mediawiki - Cargo Extension versions prior to 1.43.9 Mediawiki - Cargo Extension versions prior to 1.44.6 Mediawiki - Cargo Extension versions prior to 1.45.4 Description Improper neutralization of special elements used in an SQL command allow...
CVE-2026-48313
ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary file system read and limited write access. An attacker could exploit this vulnerability to access sensitive...
CVE-2026-48285
CVE-2026-48285 affects ColdFusion versions 2025.9, 2023.20 and earlier. It describes a Server-Side Request Forgery (SSRF) that can bypass security features and grant unauthorized read access without user interaction. The Bug’s scope is reported as changed, and the CVSS v3.1 base score is 8.6 (HIG...
CVE-2026-48283
CVE-2026-48283 affects ColdFusion versions 2025.9, 2023.20 and earlier. The vulnerability is an Unrestricted Upload of File with Dangerous Type (CWE-434) that can lead to arbitrary code execution in the context of the current user. Exploitation requires no user interaction and is network‑visible;...
WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.19.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Vimalatithyan S. Technieum in WordPress Plugin Email Marketing for WooCommerce by Omnisend versions = 1.19.0...
CVE-2026-40082
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing sessionregenerateid after login, leading to Session Fixation. sessionregenerateid is NOT called after successful login. The login flow at authlogin.php:203-207 directly sets $SESSIONSESSUSER...
CVE-2026-12921
In DAQFactory by AzeoTech, versions 21.1 and earlier have a Use After Free vulnerability in a component accessible via specially crafted .ctl files, which can lead to code execution. The CVSSv4.0 metrics indicate a HIGH base score (8.4) with a LOCAL attack vector, LOW attack complexity, and user ...
PT-2026-52615
Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.0.6 Description The Custom MCP feature, used for executing OS commands like launching local MCP servers, is unsandboxed. Due to a minimal authentication and authorization model lacking role-based access control, and...
CVE-2026-48137
There is an untrusted pointer dereference vulnerability in the NI grpc-device sideband streaming API that may allow an attacker to cause an arbitrary memory dereference, potentially resulting in remote code execution. Successful exploitation requires an attacker to supply a specially...
CVE-2026-38714
CVE-2026-38714 affects InHand Networks IR912 and IR915 devices (firmware v1.0.0.r20042 and earlier). A command-injection flaw exists in the Python configuration function, allowing remote attackers to execute arbitrary commands as root via a crafted input. Documents do not specify exploited vector...
CVE-2026-39557
Unauthenticated PHP Object Injection in NeoBeat = 1.7 versions...
CVE-2026-45436 WordPress WPBakery Page Builder plugin <= 8.7.2 - Broken Access Control vulnerability
Subscriber Broken Access Control in WPBakery Page Builder = 8.7.2 versions...
PT-2026-50564
Name of the Vulnerable Software and Affected Versions TypeBot versions prior to 3.16.0 Steeltoe affected versions not specified Description TypeBot contains an Insecure Direct Object Reference IDOR issue—a flaw where an application provides direct access to objects based on user-supplied...
CVE-2026-12326 Memory safety bugs fixed in Firefox 152 and Thunderbird 152
Memory safety bugs present in Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152 and Thunderbird 152...
PT-2026-50087
Unauthenticated Privilege Escalation in Support Board 3.8.9 versions...
EUVD-2026-36837
Unauthenticated Broken Authentication in Masteriyo - LMS = 2.1.8 versions...