44 matches found
CVE-2026-13489
The CVE-2026-13489 entry describes a vulnerability in 78 xiaozhi-esp32
CVE-2026-57700
Summary of CVE-2026-57700 (WordPress OMGF Pro plugin
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.6
Red Hat OpenShift Service Mesh 3.2.6 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.2....
CVE-2026-35242
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...
Linux Distros Unpatched Vulnerability : CVE-2026-35230
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploi...
CVE-2026-35245
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this...
CVE-2026-35248
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...
CVE-2026-35230
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...
CVE-2026-25344 WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in RadiusTheme Review Schema review-schema allows Retrieve Embedded Sensitive Data.This issue affects Review Schema: from n/a through = 2.2.6...
CVE-2026-27541
Incorrect Privilege Assignment vulnerability in Josh Kohlbach Wholesale Suite woocommerce-wholesale-prices allows Privilege Escalation.This issue affects Wholesale Suite: from n/a through = 2.2.6...
CVE-2025-12718 Quick Contact Form <= 8.2.6 - Unauthenticated Open Mail Relay
The Quick Contact Form plugin for WordPress is vulnerable to Open Mail Relay in all versions up to, and including, 8.2.6. This is due to the 'qcfvalidateform' AJAX endpoint allowing a user controlled parameter to set the 'from' email address. This makes it possible for unauthenticated attackers t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004350)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004350 advisory. An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in shownumastats because NUMA fault statisti...
CVE-2013-7472
The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpdmetaboxes daytoshow parameter...
PT-2026-34148
Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.6 Description An issue in the Core component of Oracle VM VirtualBox allows a high privileged attacker with logon access to the infrastructure where the software executes to compromise the system. Successful...
WordPress Calculated Fields Form plugin < 5.2.62 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Calculated Fields Form versions 5.2.62...
GHSA-59PP-R3RG-353G Composer is vulnerable to ANSI sequence injection
Impact Attackers controlling remote sources that Composer downloads from might in some way inject ANSI control characters in the terminal output of various Composer commands, causing mangled output and potentially leading to confusion or DoS of the terminal application. There is no proven exploit...
WordPress Groundhogg plugin <= 4.2.6.1 - Authenticated (Admin+) SQL Injection vulnerability
Authenticated Admin+ SQL Injection vulnerability discovered by NAKLEH ZEIDAN in WordPress Plugin Groundhogg versions = 4.2.6.1...
CVE-2025-60209 WordPress Connector for Gravity Forms and Google Sheets plugin <= 1.2.6 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in CRM Perks Connector for Gravity Forms and Google Sheets wp-gravity-forms-spreadsheets allows Object Injection.This issue affects Connector for Gravity Forms and Google Sheets: from n/a through = 1.2.6...
WordPress Element Pack Addons for Elementor plugin <= 8.2.5 - Authenticated (Subscriber+) Blind Server-Side Request Forgery vulnerability
Authenticated Subscriber+ Blind Server-Side Request Forgery vulnerability discovered by LionTree in WordPress Plugin Element Pack Elementor Addons versions = 8.2.5...
EUVD-2025-32370
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...