4516 matches found
CVE-2026-58077 Joomla Extension - weeblr.com - Unauthenticated stored XSS in 4Analytics < 5.0.2
The Joomla extension 4Analytics is vulnerable to an unauthenticated stored XSS. A specially crafted unauthenticated request may result in website takeover under some circumstances...
Email Subscribers & Newsletters <= 5.3.1 - Authenticated SQL Injection
The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the order and orderby parameters to the ajaxfetchreportlist action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protecti...
Cobbler 'XML-RPC' - Authentication Bypass
Cobbler, a Linux installation server that allows for rapid setup of network installation environments, has an improper authentication vulnerability starting in version 3.0.0 and prior to versions 3.2.3 and 3.3.7. utils.getsharedsecret always returns -1, which allows anyone to connect to cobbler...
CVE-2026-52837
Summary: Easy!Appointments
CVE-2026-53566
CVE-2026-53566 describes an out-of-bounds read in the Citrix Secure Access Client for Windows , affecting versions prior to 26.6.1.20 . The vulnerability is categorized with a CVSS v4.0 vector indicating a local attack vector, low attack complexity, and no user interaction required, with a base s...
EUVD-2026-43654
DBI::SQL::Nano versions from 1.42 before 1.651 for Perl have inverted = SQL operators on text. DBI::SQL::Nano, DBI's built-in mini-SQL engine, evaluated WHERE predicates incorrectly in some cases. In the non-numeric string branch of the ismatched method, = was evaluated using Perl's le operator...
OpenCode < 1.0.216 - Unauthenticated Remote Code Execution
OpenCode versions prior to 1.0.216 contain an unauthenticated remote code execution vulnerability. The application exposes session and shell execution endpoints without proper authentication, allowing remote attackers to create sessions and execute arbitrary shell commands on the underlying serve...
PT-2026-58737
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.125 Description A use after free issue in Skia allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved by using a crafted HTML page...
CVE-2026-41041 Apache Gravitino: URL path injection via unencoded user-supplied identifiers in MCP REST client f-string URL construction, enabling path traversal to unintended API endpoints.
URL path injection via unencoded user-supplied identifiers vulnerability in Apache Gravitino. This issue affects Apache Gravitino: from 1.0.0 before 1.2.1. Users are recommended to upgrade to version 1.2.1, which fixes the issue...
CVE-2026-12081 Database for Contact Form 7, WPforms, Elementor forms < 1.5.2 - Unauthenticated PHP Object Injection via Entry File Field
The Database for Contact Form 7, WPforms, Elementor forms WordPress plugin before 1.5.2 does not restrict the PHP classes allowed when unserializing an attacker-supplied form-field value, allowing unauthenticated users to inject arbitrary PHP objects that are instantiated when an administrator...
CVE-2026-61858
ImageMagick before 7.1.2-26 contains a policy bypass vulnerability in the APNG encoder and external delegates due to missing validation checks. Attackers can write files to disallowed paths by bypassing configured policy restrictions through the APNG encoding process...
CVE-2026-55879 OpenReplay: Unauthenticated stored XSS leads to dashboard account takeover
OpenReplay is a self-hosted session replay suite. From 1.24.0 before 1.25.0, the OpenReplay tracking SDK accepts custom event names and captured page URLs from any visitor using a public project key, stores them in ClickHouse without output encoding, and later renders them in the authenticated...
CVE-2026-55789 Logto: SAML IdP injects user-controlled profile attributes raw into signed assertions, allowing privilege escalation at relying Service Providers
Logto is the modern, open-source auth infrastructure for SaaS and AI apps. Prior to 1.41.0, Logto's self-hosted SAML application IdP built the signed SAML response and assertion by string-substituting user-controlled profile attributes such as name, email, and custom attribute-mapping values into...
CVE-2026-61492
The provided connected documents identify a concrete vulnerability in JetBrains YouTrack: stored XSS via article titles in digest emails, affecting versions prior to 2026.2.17394. The exact root cause is not detailed beyond this description, and there are no explicit exploit details or remediatio...
CVE-2026-61444 PraisonAI before 4.6.78 Code Injection via f-string
PraisonAI versions before 4.6.78 contain a code injection vulnerability in deploy/api.py where the agentsfile parameter is directly interpolated into an f-string without sanitization. Attackers can inject arbitrary Python code that executes when the generated server code runs via subprocess.Popen...
CVE-2026-54468
Dell Unisphere for PowerMax, versions 10.3.0.5 and prior, contains a path traversal vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability to read arbitrary files...
PT-2026-57186
Name of the Vulnerable Software and Affected Versions JetBrains TeamCity versions prior to 2026.1.2 Description Stored Cross-Site Scripting XSS is possible through the unauthenticated agent registration process. Stored XSS occurs when an application receives data from a user and includes that dat...
EUVD-2026-42593
A vulnerability has been identified in CPCI85 Central Processing/Communication All versions V26.20, SICORE Base system All versions V26.20.0. The affected application includes a debugging interface that is accessible through HTTP endpoints. This could allow an authenticated attacker to disrupt th...
EUVD-2026-42574
Access of resource using incompatible type 'type confusion' vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: before 779f6bedf58f334dec64b0a51ebb724b4708b84a...
CVE-2026-56291
The CVE-2026-56291 entry concerns the Joomla extension Balbooa Forms, where an unauthenticated arbitrary file upload vulnerability allows uploading executable files and leads to full RCE. Affected version is Balbooa Forms