91 matches found
CVE-2026-7421
creationtimestamp| type| source ---|---|--- 2026-06-03 03:10:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mne54cz3e32e 2026-06-03 23:15:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mngagm4t4t2t...
CVE-2026-46817
The CVE-2026-46817 entry concerns Oracle E-Business Suite’s Oracle Payments (File Transmission) vulnerable across 12.2.3–12.2.15. An unauthenticated attacker with network access over HTTP can compromise Oracle Payments, potentially taking over the service. CVSS v3.1 Base score is 9.8 (HIGH impact...
CVE-2026-34310
...
CVE-2026-34280
...
EUVD-2026-15989
Rejected reason: Not used...
EUVD-2026-4577
The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.6. This is due to insufficient restriction on the 'url' parameter in the 'templateproxy' function. This makes it possible for unauthenticated attackers to make web reques...
EUVD-2026-3962
Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogzee blogzee allows Using Malicious Files.This issue affects Blogzee: from n/a through = 1.0.5...
CVE-2026-21952
...
CVE-2026-22920
creationtimestamp| type| source ---|---|--- 2026-01-15 14:13:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mchrdyrgwr2o 2026-01-15 15:12:37+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115899757567671679...
EUVD-2026-2330
In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdirpreexit We have been seeing occasional deadlocks on pernetopsrwsem since September in NIPA. The stuck task was usually modprobe often loading a driver like ipvlan, trying to take the lock a...
EUVD-2026-2282
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security5g parameter of the sub4CA50 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
EUVD-2026-1950
Deserialization of Untrusted Data vulnerability in Broadcom DX NetOps Spectrum on Windows, Linux allows Object Injection.This issue affects DX NetOps Spectrum: 24.3.13 and earlier...
EUVD-2026-1517
This vulnerability allows a Backup or Tape Operator to write files as root...
EUVD-2026-1295
The WP Widget Changer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.2.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
EUVD-2026-0176
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0169
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0606
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2025-206121
To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used...
EUVD-2025-205296
LogicalDOC Enterprise 7.7.4 contains multiple post-authentication file disclosure vulnerabilities that allow attackers to read arbitrary files through unverified 'suffix' and 'fileVersion' parameters. Attackers can exploit directory traversal techniques in /thumbnail and /convertpdf endpoints to...
EUVD-2025-204827
Hugging Face Transformers GLM4 Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the...