CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/21 4:43 p.m.•1 views

GHSA-3888-Q23F-X7QH October CMS has Safe Mode Bypass via CSS Preprocessor Compilers

A server-side information disclosure vulnerability was identified in the handling of CSS preprocessor files. Backend users with Editor permissions could craft .less, .sass, or .scss files that leverage the compiler's import functionality to read arbitrary files from the server. This worked even...

4.9CVSS5.8AI score0.00054EPSS

Cvelist•added 2026/04/21 4:16 p.m.•23 views

CVE-2026-26067 October: Safe Mode Bypass via CSS Preprocessor Compilers

October is a Content Management System CMS and web platform. Prior to 3.7.14 and 4.1.10, a server-side information disclosure vulnerability was identified in the handling of CSS preprocessor files. Backend users with Editor permissions could craft .less, .sass, or .scss files that leverage the...

4.9CVSS0.00054EPSS

Vulnrichment•added 2026/04/21 4:16 p.m.•1 views

CVE-2026-26067 October: Safe Mode Bypass via CSS Preprocessor Compilers

CVE•added 2026/04/21 4:16 p.m.•12 views

CVE-2026-26067

CVE-2026-26067 affects October CMS prior to versions 3.7.14 and 4.1.10. A server-side information disclosure flaw exists in handling CSS preprocessor files (LESS/SASS/SCSS) through the compiler import function, allowing backend users with Editor permissions to read arbitrary server files. The iss...

Vulnrichment•added 2026/04/21 3:52 p.m.•3 views

CVE-2026-40565 FreeScout has Stored XSS / CSS Injection via linkify() — Unescaped URL in Anchor href

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's linkify function in app/Misc/Helper.php converts plain-text URLs in email bodies into HTML anchor tags without escaping double-quote characters " in the URL. HTMLPurifier called first via...

6.1CVSS5.9AI score0.00035EPSS

CVE•added 2026/04/21 3:52 p.m.•3 views

CVE-2026-40565

FreeScout vulnerability CVE-2026-40565 affects versions prior to 1.8.213. The issue occurs in linkify() (app/Misc/Helper.php): plain-text URLs in email bodies are converted to HTML anchor tags without escaping double-quote (") characters, and because HTMLPurifier runs first via getCleanBody(), th...

6.1CVSS5.9AI score0.00035EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/04/21 3:52 p.m.•28 views

CVE-2026-40565 FreeScout has Stored XSS / CSS Injection via linkify() — Unescaped URL in Anchor href

6.1CVSS0.00035EPSS

CVE•added 2026/04/21 6:43 a.m.•5 views

CVE-2026-6703

The CVE concerns the WordPress plugin “Responsive Blocks – Page Builder for Blocks & Patterns” (versions up to 2.2.1). The root cause is improper authorization verification, allowing authenticated attackers with contributor-level access or higher to modify global site-wide plugin configuration op...

4.3CVSS5.7AI score0.0004EPSS

Exploits0References8

Vulnrichment•added 2026/04/21 6:43 a.m.•3 views

CVE-2026-6703 Responsive Blocks <= 2.2.1 - Missing Authorization to Authenticated (Contributor+) Arbitrary Modification via AJAX Actions

The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticat...

4.3CVSS5.7AI score0.0004EPSS

Exploits0References8

NVD•added 2026/04/21 3:16 a.m.•2 views

CVE-2026-40497

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's Helper::stripDangerousTags removes , , , but does NOT strip tags. The mailbox signature field is saved via POST /mailbox/settings/id and later rendered unescaped via !!...

8.1CVSS0.00042EPSS

CVE•added 2026/04/21 1:45 a.m.•6 views

CVE-2026-40497

Summary (concrete details available) : FreeScout prior to version 1.8.213 is vulnerable to CSS injection in the mailbox signature due to incomplete stripping of dangerous tags: stripDangerousTags() removes script/form/iframe/object but not style, allowing inline CSS to exfiltrate CSRF tokens. An ...

8.1CVSS5.9AI score0.00042EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/04/21 12:0 a.m.•3 views

PT-2026-33983

Name of the Vulnerable Software and Affected Versions Custom css-js-php versions prior to 2.0.8 Description The plugin fails to properly sanitize user input before incorporating it into a SQL query. The resulting output is then passed to the eval function, which enables unauthenticated users to...

7.3CVSS6.3AI score0.00966EPSS

Exploits1References7

Positive Technologies•added 2026/04/21 12:0 a.m.•1 views

PT-2026-33919

4.3CVSS5.7AI score0.0004EPSS

Exploits0References9

CNNVD•added 2026/04/21 12:0 a.m.•5 views

FreeScout 安全漏洞

FreeScout is a lightweight and powerful free open-source help desk and shared inbox built using PHP Laravel framework by FreeScout Inc. Versions of FreeScout prior to 1.8.213 contained security vulnerabilities. These vulnerabilities stemmed from the Helper::stripDangerousTags function not removin...

8.1CVSS5.8AI score0.00042EPSS

CNNVD•added 2026/04/21 12:0 a.m.•3 views

October 安全漏洞

October is an open-source content management system CMS and network platform developed by October. Versions prior to October 3.7.14 and 4.1.10 contained security vulnerabilities. These vulnerabilities were caused by improper handling of CSS preprocessor files, which could allow backend users with...

Positive Technologies•added 2026/04/21 12:0 a.m.•4 views

PT-2026-34002