Linux Distros Unpatched Vulnerability : CVE-2026-44422

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multip...

WordPress BlockSpare — News, Magazine and Blog Addons for (Gutenberg) Block Editor plugin <= 3.2.6 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Blockspare versions = 3.2.6...

EUVD-2026-2326

In the Linux kernel, the following vulnerability has been resolved: fuse: missing copyfinish in fuse-over-io-uring argument copies Fix a possible reference count leak of payload pages during fuse argument copies. Joanne: simplified error cleanup...

CVE-2025-67917

Missing Authorization vulnerability in shinetheme Traveler traveler allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Traveler: from n/a through = 3.2.6...

CVE-2025-67917

CVE-2025-67917 describes a Missing Authorization vulnerability in Travel Traveler (Travel Booking WordPress Theme), affecting Travel Traveler up to version 3.2.6. The root cause is incorrectly configured access control that could allow unauthorized access to certain resources. Wordfence documenta...

DEBIAN-CVE-2025-68480

Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.loaddata, many=True is vulnerable to denial of service attacks. A moderately sized request can consume a...

CVE-2025-12185

CVE-2025-12185 concerns the WordPress StaffList plugin (versions

CVE-2023-28097

OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large Content-Length value and a specially crafted Request-URI causes a segmentation fault in OpenSIPS. This issue occurs when a large amount of shared memo...

CVE-2025-30367

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.6 in the nextPage parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information...

WordPress plugin Ultimate Addons for Contact Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability exis...

WordPress Easy Pricing Tables plugin <= 3.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Easy Pricing Tables versions = 3.2.6...

com.aerospike:aerospike-cache (>=0.9.1 <=1.2), com.aerospike:aerospike-kafka-connector (>=0.0.3 <=0.0.6) +64 more potentially affected by CVE-2023-36480 via com.aerospike:aerospike-client (>=3.0.34 <=4.4.9)

com.aerospike:aerospike-client MAVEN version =3.0.34, =0.9.1, =0.0.3, =1.0, =1.0, =4.2.0, =4.2.0, =4.4.9, =0.9.1, =0.0.1, =1.0.1.RELEASE, =2.5.0 - com.aerospike:spring-session-aerospike =1.0.0.RELEASE and more Source cves: CVE-2023-36480 Source advisory: OSV:GHSA-JJ95-55CR-9597...

PT-2023-18671 · Rapid7 · Rapid7 Insight Agent

Name of the Vulnerable Software and Affected Versions: Rapid7 Insight Agent versions 3.2.6 and below Description: The issue is related to a Directory Traversal vulnerability. Unsantized input from a CLI argument flows into io.ioutil.WriteFile, where it is used as a path, potentially allowing an...

CVE-2022-32657

creationtimestamp| type| source ---|---|--- 2023-01-04 00:17:35+00:00| seen| https://t.me/cibsecurity/55829 2023-07-10 13:19:09+00:00| published-proof-of-concept| https://t.me/ETHICALHACKERSCOMMUNITY2/2706...

CVE-2022-32641

In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594...

CVE-2022-32625

creationtimestamp| type| source ---|---|--- 2022-12-05 18:40:04+00:00| seen| https://t.me/cibsecurity/53983 2025-04-24 15:06:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13250...